Insurers are bracing for hundreds, if not thousands, of claim notifications from organizations that are impacted by the CrowdStrike event. However, not all businesses would get insurance cover for their lost time and money. A typical business interruption policy within a regular commercial insurance program would not provide coverage against losses stemming from Friday's outage. And not every cyber insurance policy likely has coverage for business interruption; such coverage would have to be bought separately at extra cost.
Some cyber insurance policies exclude non-malicious events, and there are waiting periods and deductibles that businesses will have to consider before making a claim with their insurance carriers. Economic damages could reach tens of billions of dollars in such events, and added the outage should be considered an example of an "event that can produce what could be defined as an insurance catastrophe.
The event could also bring with it legal claims for CrowdStrike and Microsoft. A defective update by CrowdStrike, designed to protect Microsoft Windows systems, triggered the global IT outage.
Airlines (and other industries) might have rights under their contracts that allow them financial or other remuneration based on the CrowdStrike outage. The outage caused major issues for travelers around the world – grounding planes for hours.
Travel insurer anticipates an increase in travel insurance claims, with the most from travel delay and missed connection policies. More than 1,600 customers may be impacted as they depart for or return from trips on Friday.
Industry experts also said that force majeure would not apply for the event.Force majeure clauses in contracts remove liability for unforeseeable and unavoidable catastrophes that prevent participants from fulfilling obligations.This is exactly what cyber insurance is meant to cover. ... This is not something that is outside of our control.
No comments:
Post a Comment