The recent global CrowdStrike outage sent shockwaves through industries reliant on cloud-based cybersecurity solutions. The ripple effects, from downtime in healthcare systems to interruptions in financial services, have left many insurance professionals grappling with the systemic risks such incidents pose. To help you put the outage into context, we have broken down our live, quick-fire Q&A session with Sharon Haran, Chief Commercial Officer at Parametrix.
A Quick Recap of the CrowdStrike Outage
The CrowdStrike outage was a significant cybersecurity incident affecting users of CrowdStrike’s flagship product, Falcon, an Endpoint Detection and Response (EDR) system. The outage was triggered by a faulty security update sent to Windows users, causing their systems to crash. While CrowdStrike quickly identified and resolved the issue, many users, especially those with on-premises installations, had to fix their systems manually, leading to widespread disruption. Around 8.5 million computers and servers worldwide were impacted, with industries such as aviation and healthcare taking a particularly hard hit.
1. Cyber Insurance Risk Models Post-CrowdStrike
The CrowdStrike outage served as a significant wake-up call for the cyber insurance industry, highlighting vulnerabilities that were previously overlooked. Traditionally, cyber insurers have focused on malicious attacks, with underwriters often favoring companies using robust cybersecurity products like CrowdStrike Falcon. However, this event demonstrated the risks posed by non-malicious system outages, especially in widely adopted platforms.
The outage underscored the need for insurers and reinsurers to broaden their risk models and consider aggregation points beyond just cloud services, such as critical platforms like Salesforce or PayPal. This incident has prompted the industry to reassess how it evaluates and prepares for non-malicious disruptions.
2. Policy Language Refinements
Given the CrowdStrike outage, underwriters should adjust their approach to cloud risks by narrowing the definitions and scope of coverages. Currently, standard cyber policies have broad definitions, which creates significant aggregation risk, as insurers may not fully understand which critical platforms their customers use. To mitigate this, underwriters should move toward approaches that require insureds to specifically name the mission-critical systems they rely on.
By doing so, insurers can apply targeted underwriting guidelines if overexposure to certain software is detected. This will likely be reflected in more precise policy wording and clearer definitions of dependent systems, allowing underwriters to manage aggregation risks more effectively while still providing necessary coverage.
3. Third-Party Risk Assessment Considerations
Third-party vendor risk and supply chain risk were already top concerns for underwriters before the CrowdStrike outage, but this event is likely to shift how they assess these risks going forward. As companies become increasingly dependent on third-party digital services, insurers will need to offer coverage for both malicious and non-malicious third-party incidents.
However, insurers will also need to become more selective, identifying which third-party providers are more prone to outages or security vulnerabilities based on their quality assurance practices. This could lead to differentiated coverage and pricing models, where underwriters apply more stringent underwriting guidelines for companies reliant on less reliable vendors.
4. Innovation vs. Resilience after CrowdStrike
The CrowdStrike outage serves as a valuable lesson for cyber vendors on balancing rapid innovation with maintaining a resilient infrastructure. While the fast-paced nature of cybersecurity demands frequent updates to stay ahead of evolving threats, this incident underscores the need for robust quality assurance.
However, innovation itself is not the problem—if anything, it can enhance incident response by enabling quicker recovery times, as seen in the cloud-based systems during the outage. This event highlights the importance of continuous testing and refining disaster recovery (DR) plans for vendors and their customers.
5. Coverage Overlaps
The potential for significant coverage overlap across various insurance policies, including D&O, E&O, and property insurance, was highlighted by the CrowdStrike incident. For instance, CrowdStrike faces a D&O lawsuit from shareholders claiming management failed in their duties, leading to significant financial losses as the company’s share price dropped post-incident.
Furthermore, the outage has raised questions about the intersection between property insurance and cyber BI, revealing how both policies might be implicated in certain claims. This underscores the complexity of digital risk and its broad-reaching impacts, with coverage disputes likely to emerge across multiple lines of insurance.
The CrowdStrike outage underscored the need for more comprehensive approaches to cyber risk management, insurance policy wording, and third-party vendor assessments. For a deeper dive into these lessons, be sure to catch up on the full Q&A session with Sharon Haran from Parametrix.