• Investing
  • Stock
Round Table Thoughts
  • Economy
  • Editor’s Pick
Home Editor's Pick CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett
Editor's Pick

CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett

by July 25, 2024
by July 25, 2024 0 comment
Share
0
FacebookTwitterPinterestWhatsapp

At Berkshire Hathaway’s annual investor meeting earlier this year, Warren Buffett and his top insurance executive Ajit Jain issued a headline-grabbing warning that Berkshire would exercise caution regarding cyber insurance — in fact, it advised insurance agents to only sell cyber policies if they absolutely had to do so to satisfy a client, and to expect losses.

A primary reason cited is the difficulty in assessing the scale of losses possible from a single occurrence that spreads across technology systems, with Jain giving the hypothetical example of when a primary cloud provider’s platform “comes to a standstill.”

“That aggregation potential can be huge, and not being able to have a worst-case gap on it is what scares us,” he said.

Jain’s hypothetical seemed prescient when a quality control issue from cybersecurity firm CrowdStrike caused a worldwide IT outage that halted flights and freight, shuttered retail outlets, and caused hospitals to resort to charting on paper.

“Insurers have been worried about something like what happened with CrowdStrike since cloud adoption happened,” said Dale Gonzales, chief innovation officer at Axio, a cyber security risk analysis company.

But Gerald Glombicki, a senior director in Fitch Rating’s U.S. insurance group, believes the cyber insurance industry largely priced in the CrowdStrike meltdown correctly, and he expects it to be manageable rather than catastrophic for the cybersecurity insurance firms..

“It will have an impact because there will be losses,” said Glombicki, “but the modeling largely got it right. Mostly, we think the industry will handle it OK. There might be some issuers that mispriced policies,” he added. 

Fitch estimates that the number of insured losses will not exceed $10 billion, ending somewhere in the mid- to high-single billions and that the industry largely priced those in.

The cybersecurity insurance market did get lucky, in some respects, with the CrowdStrike meltdown. For one, there were no significant physical damages, such as explosions at power plants, dams bursting, or fires caused by overheating equipment, which are becoming a bigger cyberterrorism risk.

“Cyber events that have more of a physical consequence would be much bigger in size or scope in terms of losses,” Glombicki said.

Additionally, even though CrowdStrike is widely deployed, its market share, estimated at 17% by Fitch, is large but limited in total impact. Among the companies that did use CrowdStrike, the worst impacted seemed to be on businesses that need 24/7 availability, like hospitals and airlines, Glombicki said.

Another factor in holding down losses and distributing them unevenly across the globe is that the CrowdStrike failure impacted places like Australia and Pacific Asia in the middle of the business day, but other markets, including the U.S., were hit during the night or early morning and many businesses were able to get systems back up within hours.

Not all cyber experts are expressing as much confidence at this point. Josephine Wolff, an associate professor of cybersecurity policy at Tuft University’s Fletcher School who has been studying the evolving market for the past several years, suspects the CrowdStrike meltdown will send shock waves through the nascent cyber insurance market.

“It’s still pretty early to assess the volume of claims that insurers are going to see due to CrowdStrike, but I sense that there will be a lot of business interruption claims across all industry sectors, just based on the impacts we’ve seen covered in the news, and that it will be a very bad situation for insurers,” Wolff said.  

Wolff says the duration of the outages will influence the claims. Some businesses were out for hours; others were still struggling days later.

She compared it to the NotPetya cyberattacks launched by Russia in 2022, which halted much of the world’s freight.

“It’s possible that since some of these outages were shorter than what we saw after NotPetya, the claims may be smaller, at least in some cases,” Wolff said. However, she points out that the CrowdStrike glitch significantly impacted businesses, which was not the case with NotPetya.

“The U.S. is far and away the region with the highest rates of cyber insurance adoption, so I am guessing that this will be a bigger event for the cyber insurance industry both in terms of how many claims are filed and how big they are,” Wolff said.

In addition to unequal impact, cyber insurance policies themselves vary widely.

“Cyber insurance policies can be dramatically different. There is no standardization; terms and conditions can differ within a company depending on who wrote the policy,” Glombicki said.

Insurers are already cognizant of the unique challenges that cybersecurity poses for them, Gonzales said. As a result, the companies try to spread losses smartly by diversifying what is covered. However, the problem with cyberspace and ensuring its security is that it is still relatively unknown. But he doesn’t think it will drag down the whole insurance market.

“The losses won’t be as bad as hurricanes last year,” Gonzales said, adding that the comparison isn’t quite apples to apples since far more entities are insured in hurricane zones than there are cyber insurance policies. 

Gonzales says the primary claims will be for business interruption, which some policies specifically exclude anyway. But he does predict the CrowdStrike incident will cause litigation.

“CrowdStrike will be sued. There will be litigation,” he said.

“Everyone exceedingly well understands fire insurance because it has been litigated to death,” Gonzales said. 

Cyber insurance, on the other hand, hasn’t yet been litigated enough to establish protocols and precedents.

“The litigation will help define business interruption and define third-party culpability. The industry could use some defining, and hopefully, litigation fixes it,” Gonzales said. “Cyber events are evolving in ways that are slightly unpredictable. It creates a very dynamic environment,” he said, but he added, “I don’t think the CrowdStrike event will drastically change how people think about insurance.”

Ironically, the Crowdstrike event could create more interest in cybersecurity and draw more customers into the market, Glombicki said. “Boards will be asking about it,” he said.

This post appeared first on NBC NEWS
You Might Also Like
  • 5G IoT Device Market Outlook, Chipset trend
  • Etsy CEO says company is escaping ‘race to the bottom’ and getting back to its artisan roots
  • Trump commutes sentence of Ozy Media founder Carlos Watson
  • TikTok-inspired thefts prompt 17 states to urge recall of Kia, Hyundai vehicles
Share
0
FacebookTwitterPinterestWhatsapp

previous post
5 key takeaways of Biden’s address to the nation from the Oval Office
next post
Trump’s new book ‘Save America’ chronicles first-term triumphs, outlines blueprint for a winning second

You may also like

Wendy’s will offer $3 breakfast deal, as rivals such as...

May 21, 2024

Fed Chair Jerome Powell says inflation has been higher than...

May 15, 2024

Nearly all of the homes listed for sale in 2023...

December 22, 2023

Netflix to stream WWE’s ‘Raw’ starting next year in its...

January 24, 2024

U.S. autoworkers union seeks tough victory at Mercedes plant in...

May 14, 2024

Dow tumbles 475 points, S&P 500 suffers worst day since...

April 15, 2024

Car insurance rates are nuts right now. Here’s how to...

April 20, 2024

Federal prosecutors are examining financial transactions at Block, owner of...

May 2, 2024

Robinhood CEO sees Amazon-like subscription model as path to ‘loyalty’...

March 28, 2025

Semtech Corporation Completes Acquisition of Sierra Wireless

January 13, 2023

    Stay updated with the latest news, exclusive offers, and special promotions. Sign up now and be the first to know! As a member, you'll receive curated content, insider tips, and invitations to exclusive events. Don't miss out on being part of something special.


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.

    Recent Posts

    • Krispy Kreme stock plunges after doughnut chain pauses McDonald’s rollout, pulls outlook

      May 8, 2025
    • Don’t Buy Robinhood Stock… Until You See This Chart Setup

      May 8, 2025
    • UnitedHealthcare sued by shareholders over reaction to CEO’s killing

      May 8, 2025
    • The Unpredictable Stock Market: How to Make Sense of It

      May 8, 2025
    • AMD CEO calls China a ‘large opportunity’ and warns against strict U.S. chip controls

      May 7, 2025

    Popular Posts

    • 1

      Trump-era China sanctions ended by Biden may be...

      June 27, 2024 2,630 views
    • 2

      Walz’s honeymoon with China gets fresh scrutiny as...

      August 9, 2024 2,339 views
    • 3

      Biden appointee played key role in recruiting Chinese...

      June 25, 2024 2,320 views
    • 4

      Shein’s global ambitions leaves some cybersecurity experts fearful...

      July 10, 2024 2,302 views
    • 5

      Harris VP pick spent years promoting research facility...

      August 29, 2024 2,186 views

    Categories

    • Economy (7,009)
    • Editor's Pick (2,066)
    • Investing (538)
    • Stock (2,530)

    Popular Posts

    • 1

      Trump-era China sanctions ended by Biden may be revived under new House GOP bill

      June 27, 2024
    • 2

      Walz’s honeymoon with China gets fresh scrutiny as Harris camp blasts ‘lying’ critics

      August 9, 2024
    • 3

      Biden appointee played key role in recruiting Chinese businesses to Delaware: ‘Longtime friends’

      June 25, 2024
    • 4

      Shein’s global ambitions leaves some cybersecurity experts fearful of Chinese spy threats

      July 10, 2024
    • 5

      Harris VP pick spent years promoting research facility that collaborated with ‘Chinese military company’

      August 29, 2024

    Latest News

    • Krispy Kreme stock plunges after doughnut chain pauses McDonald’s rollout,...

      May 8, 2025
    • Don’t Buy Robinhood Stock… Until You See This Chart Setup

      May 8, 2025
    • UnitedHealthcare sued by shareholders over reaction to CEO’s killing

      May 8, 2025

    Categories

    • Economy (7,009)
    • Editor's Pick (2,066)
    • Investing (538)
    • Stock (2,530)

    Disclaimer: RoundTableThoughts.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2024 RoundTableThoughts.com. All Rights Reserved.

    Round Table Thoughts
    • Investing
    • Stock
    Round Table Thoughts
    • Economy
    • Editor’s Pick

    Read alsox

    Starbucks to face lawsuit alleging its...

    September 22, 2023

    Darden Restaurants sales disappoint as Olive...

    March 20, 2025

    AMD launches AI chip to rival...

    October 10, 2024
    Sign In

    Keep me signed in until I sign out

    Forgot your password?

    Password Recovery

    A new password will be emailed to you.

    Have received a new password? Login here