CrowdStrike Outage – Insurance Recoveries

Many businesses have suffered losses following a catastrophic IT failure when an update released on 19 July by US cybersecurity firm, CrowdStrike, caused crashes on Microsoft Windows systems globally.

We are recommending that policyholders review the scope of coverage available under their cyber and property damage/business interruption insurance.

What to look out for:

• Is there cyber cover for system failure that responds to accidental (i.e. non-malicious) events such as this?
• Are there any relevant business interruption waiting periods to consider?
• What other losses are covered – such as the cost of data restoration, incident response and voluntary shutdown?
• Is there cover for supply chain failure?
• In the context of PD/BI policies, the ‘damage’ trigger will need careful consideration.

What steps do you need to take?:

• Ensure timely compliance with notification provisions and other claims conditions
• Have steps been taken to mitigate losses so far as possible?
• Make sure accurate records are kept of the sequence of events and the losses that have been incurred as a result of the outage.

Please get in touch if we can be of any assistance, or if you have any queries.

Joanna Grant is the Managing Partner of Fenchurch Law