Limited Business Interruption Claims Following CrowdStrike Computer Error

On July 18, 2024, a widespread computer error originating from cybersecurity firm CrowdStrike caused significant disruptions across multiple industries, grounding airlines, affecting banks, and impacting various businesses. Despite the broad reach of this incident, experts predict a surprisingly low number of business interruption (BI) claims. Here's why:

1. Temporary Nature of the Disruption

The CrowdStrike error, though impactful, was resolved relatively quickly. Most businesses experienced disruptions for a matter of hours rather than days. Business interruption insurance typically covers losses incurred from more extended periods of downtime, often after an initial waiting period of 24 to 72 hours. The brevity of this incident means many businesses did not reach the threshold required to trigger their BI coverage.

2. Business Continuity Plans

Many companies, especially those in highly regulated industries like aviation and finance, have robust business continuity plans (BCPs) in place. These plans are designed to mitigate the effects of such disruptions. Airlines, for example, often have contingency measures to manage flight delays and cancellations. Banks and financial institutions typically have redundant systems to ensure operations continue despite technical glitches. The effectiveness of these BCPs likely minimized the overall financial impact, reducing the necessity for BI claims.

3. Incident Response and Resilience

The quick and effective response from CrowdStrike and affected businesses played a crucial role in limiting the damage. Cybersecurity firms and IT departments mobilized rapidly to address the issue, restoring systems and services efficiently. This resilience reduced the duration and severity of the disruption, further lowering the potential for substantial financial losses that would warrant BI claims.

4. Exclusions in Insurance Policies

Insurance policies often contain specific exclusions for certain types of events. In the case of cyber incidents, some policies may not cover losses resulting from software errors or third-party service failures, depending on the policy terms. Businesses affected by the CrowdStrike error might find that their BI insurance excludes this type of incident, limiting their ability to file claims.

5. Technological Advancements and Data Recovery

Advancements in technology, particularly in data recovery and cloud computing, have enhanced businesses' ability to recover quickly from disruptions. Automated backups, cloud-based services, and failover systems mean that many companies can restore operations swiftly without incurring significant downtime or loss of revenue. This technological resilience further reduces the potential for BI claims.

6. Legal and Regulatory Considerations

In some cases, legal and regulatory frameworks may provide guidance or compensation mechanisms for affected businesses. For instance, airlines might receive regulatory support or compensation for disruptions, reducing their need to rely on BI insurance. Similarly, financial institutions might leverage regulatory protections or industry-specific safeguards to manage the impact of the incident.

Conclusion

While the CrowdStrike computer error undoubtedly caused significant disruptions, the rapid resolution, effective business continuity measures, and inherent exclusions in many insurance policies contribute to the expectation of a lower volume of business interruption claims. This incident underscores the importance of robust BCPs, technological resilience, and a clear understanding of insurance coverage specifics for businesses navigating the complex landscape of cyber risks.