Insurers to see limited hit from CrowdStrike disruption, Fitch says
The global insurance and reinsurance industry is likely to avoid any major financial impact from the outage sparked by CrowdStrike’s glitchy security software update that disrupted internet services worldwide last week, Fitch Ratings said.
Preliminary estimates suggest that insured losses could be in the range of mid-to-high single-digit billion dollars and most claims would be within the purview of primary insurers, the ratings agency wrote in a report on Monday.
The findings could allay investor concerns over claims and litigation stemming from the disruption. Insurers most exposed to such losses tend to transfer some of their liability to reinsurers.
CrowdStrike’s update crashed computers powered by Microsoft’s Windows operating system, restricting several industries such as airlines, banking and healthcare.
“Although standard cyber insurance covers cloud downtime due to security failure, operational failure or system failure of the insured’s own operations, it typically does not cover downtime due to non-malicious cyber events at a third-party network service provider,” said Loretta Worters, a spokesperson at the Insurance Information Institute.
Fitch, however, said accounting for cyber risk continues to be difficult for the insurance industry.