
Markel Cyber Director on lessons learned from CrowdStrike outage

Lessons from the CrowdStrike outage

Reflecting on the CrowdStrike incident, Chris described it as an important wake-up call for the cyber industry.

“The CrowdStrike/Falcon IT outage made headlines around the world… after a technical update flaw affected approximately 8.5 million Microsoft Windows devices,” said Chris.

This issue was caused by a logic error in one of CrowdStrike’s software products, Falcon, which caused serious disruptions in various sectors. Despite CrowdStrike’s quick response, the event’s cost to organizations was an estimated $1 billion.

This incident highlighted the urgent need for more comprehensive regression testing by cyber vendors to identify potential bugs before releasing updates.

Chris noted that such testing could help companies mitigate risk by identifying errors early, thereby avoiding costly disruptions.

Following the outage, regulators called for stricter cybersecurity controls, prompting companies to re-evaluate and improve their emergency planning to minimize downtime if similar incidents occur.

This response represents a collective step toward a more resilient cyber environment where preparation is not optional but essential to business continuity.

The introduction of cyber insurance in business

Despite the obvious risks, only a minority of companies currently have cyber insurance.

According to the recent Cyber Security Breaches Survey, only 43% of companies are insured against cyber threats.

Chris highlighted two main factors influencing this trend. “Larger organizations have a high adoption rate… However, SMEs are often in a different situation; they focus on growth and survival, which means non-compulsory insurance, such as cyber insurance, may be ignored.”

Larger companies prefer cyber insurance due to their large balance sheets, shareholder interests and reputational risks, which can be severely affected in the event of a cyber incident.

SMBs, on the other hand, often operate with limited resources and are primarily concerned with immediate growth and stability, which is why cyber insurance is a lower priority.

However, the cyber insurance market is evolving and SMEs are increasingly recognizing the value of such coverage.

Chris emphasized: “We need to raise awareness of what insurance coverage is available to SMEs and how cyber insurance can help their business grow and protect it from financial stress.”

The benefits of cyber insurance for SMEs include access to crisis management services such as legal advice and forensic IT support, which can prove invaluable in mitigating the impact of a cyber incident.

For many smaller businesses, these resources provide an important safety net that allows them to recover more effectively from cyber threats.

Protect against black swan events and future threats

Cyber incidents like the CrowdStrike outage are often referred to as “black swan events” – unpredictable events that result in significant disruption.

“A black swan event in the cyber world refers to an event that we have never seen before,” says Chris. “Since the CrowdStrike incident, we have seen companies become increasingly dependent on the technology they use to operate.”

Companies are increasingly reliant on third-party providers for services such as hosting, data processing and storage, making them even more exposed to these unforeseen events.

Chris pointed out that cyber coverage could provide critical protection in such scenarios. Cyber insurance policies are typically designed to cover costs associated with data breaches, including customer notification, IT recovery and public relations to repair reputational damage.

Additionally, they cover financial losses due to business interruption, legal costs, and sometimes even ransom payments related to ransomware attacks where permitted by law.

According to Chris, the evolving nature of the cyber insurance market reflects the growing recognition of the need for comprehensive protection that covers both direct and indirect consequences of cyber incidents.

Chris highlighted other trends that organizations should keep an eye on, including the rapid pace of technological advancement, the changing threat landscape with increasingly sophisticated attacks, and evolving regulations around privacy and cybersecurity standards.

“The speed of technological developments … and the associated risks for us as individuals and companies are difficult to understand,” he explained.

Supporting businesses in the face of threats

To help companies address these challenges, Chris and his team at Markel have invested significantly in upskilling and training to ensure their underwriters have the expertise to accurately assess IT risks.

“We recently updated our Cyber 360 product to provide our customers with 24/7 breach response services,” he shared.

This comprehensive approach ensures that Markel’s customers have the resources to respond effectively to cyber incidents and provides them with a robust safety net that complements their internal cybersecurity measures.

Ultimately, cyber resilience is an ongoing process that requires continuous adaptation to new threats, technologies and regulatory requirements.

Chris’ advice to companies looking to improve their operational resilience is clear: “Invest in cyber coverage… to complement your approach to cyber security.”

As the frequency and complexity of cyber threats increase, it becomes increasingly important to have both preventive measures and reactive solutions in place to help organizations protect their operations, data and reputation in an unpredictable digital landscape.


Cyber Magazine is a BizClik brand
