American Invest Hub
  • Politics
  • Investing
  • Business
  • Latest News

American Invest Hub

  • Politics
  • Investing
  • Business
  • Latest News
Business

CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett

by admin July 26, 2024
July 26, 2024
CrowdStrike losses may be biggest test yet of cybersecurity insurance risk warning from Warren Buffett

At Berkshire Hathaway’s annual investor meeting earlier this year, Warren Buffett and his top insurance executive Ajit Jain issued a headline-grabbing warning that Berkshire would exercise caution regarding cyber insurance — in fact, it advised insurance agents to only sell cyber policies if they absolutely had to do so to satisfy a client, and to expect losses.

A primary reason cited is the difficulty in assessing the scale of losses possible from a single occurrence that spreads across technology systems, with Jain giving the hypothetical example of when a primary cloud provider’s platform “comes to a standstill.”

“That aggregation potential can be huge, and not being able to have a worst-case gap on it is what scares us,” he said.

Jain’s hypothetical seemed prescient when a quality control issue from cybersecurity firm CrowdStrike caused a worldwide IT outage that halted flights and freight, shuttered retail outlets, and caused hospitals to resort to charting on paper.

“Insurers have been worried about something like what happened with CrowdStrike since cloud adoption happened,” said Dale Gonzales, chief innovation officer at Axio, a cyber security risk analysis company.

But Gerald Glombicki, a senior director in Fitch Rating’s U.S. insurance group, believes the cyber insurance industry largely priced in the CrowdStrike meltdown correctly, and he expects it to be manageable rather than catastrophic for the cybersecurity insurance firms..

“It will have an impact because there will be losses,” said Glombicki, “but the modeling largely got it right. Mostly, we think the industry will handle it OK. There might be some issuers that mispriced policies,” he added. 

Fitch estimates that the number of insured losses will not exceed $10 billion, ending somewhere in the mid- to high-single billions and that the industry largely priced those in.

The cybersecurity insurance market did get lucky, in some respects, with the CrowdStrike meltdown. For one, there were no significant physical damages, such as explosions at power plants, dams bursting, or fires caused by overheating equipment, which are becoming a bigger cyberterrorism risk.

“Cyber events that have more of a physical consequence would be much bigger in size or scope in terms of losses,” Glombicki said.

Additionally, even though CrowdStrike is widely deployed, its market share, estimated at 17% by Fitch, is large but limited in total impact. Among the companies that did use CrowdStrike, the worst impacted seemed to be on businesses that need 24/7 availability, like hospitals and airlines, Glombicki said.

Another factor in holding down losses and distributing them unevenly across the globe is that the CrowdStrike failure impacted places like Australia and Pacific Asia in the middle of the business day, but other markets, including the U.S., were hit during the night or early morning and many businesses were able to get systems back up within hours.

Not all cyber experts are expressing as much confidence at this point. Josephine Wolff, an associate professor of cybersecurity policy at Tuft University’s Fletcher School who has been studying the evolving market for the past several years, suspects the CrowdStrike meltdown will send shock waves through the nascent cyber insurance market.

“It’s still pretty early to assess the volume of claims that insurers are going to see due to CrowdStrike, but I sense that there will be a lot of business interruption claims across all industry sectors, just based on the impacts we’ve seen covered in the news, and that it will be a very bad situation for insurers,” Wolff said.  

Wolff says the duration of the outages will influence the claims. Some businesses were out for hours; others were still struggling days later.

She compared it to the NotPetya cyberattacks launched by Russia in 2022, which halted much of the world’s freight.

“It’s possible that since some of these outages were shorter than what we saw after NotPetya, the claims may be smaller, at least in some cases,” Wolff said. However, she points out that the CrowdStrike glitch significantly impacted businesses, which was not the case with NotPetya.

“The U.S. is far and away the region with the highest rates of cyber insurance adoption, so I am guessing that this will be a bigger event for the cyber insurance industry both in terms of how many claims are filed and how big they are,” Wolff said.

In addition to unequal impact, cyber insurance policies themselves vary widely.

“Cyber insurance policies can be dramatically different. There is no standardization; terms and conditions can differ within a company depending on who wrote the policy,” Glombicki said.

Insurers are already cognizant of the unique challenges that cybersecurity poses for them, Gonzales said. As a result, the companies try to spread losses smartly by diversifying what is covered. However, the problem with cyberspace and ensuring its security is that it is still relatively unknown. But he doesn’t think it will drag down the whole insurance market.

“The losses won’t be as bad as hurricanes last year,” Gonzales said, adding that the comparison isn’t quite apples to apples since far more entities are insured in hurricane zones than there are cyber insurance policies. 

Gonzales says the primary claims will be for business interruption, which some policies specifically exclude anyway. But he does predict the CrowdStrike incident will cause litigation.

“CrowdStrike will be sued. There will be litigation,” he said.

“Everyone exceedingly well understands fire insurance because it has been litigated to death,” Gonzales said. 

Cyber insurance, on the other hand, hasn’t yet been litigated enough to establish protocols and precedents.

“The litigation will help define business interruption and define third-party culpability. The industry could use some defining, and hopefully, litigation fixes it,” Gonzales said. “Cyber events are evolving in ways that are slightly unpredictable. It creates a very dynamic environment,” he said, but he added, “I don’t think the CrowdStrike event will drastically change how people think about insurance.”

Ironically, the Crowdstrike event could create more interest in cybersecurity and draw more customers into the market, Glombicki said. “Boards will be asking about it,” he said.

This post appeared first on NBC NEWS

0
FacebookTwitterGoogle +Pinterest
previous post
Chipotle has been on a hot streak with customers
next post
Renewable energy demand could triple as electricity consumption surges

Related Posts

U.S. airlines cool hiring after adding 194,000 employees...

September 9, 2024

Amazon demands discounts from suppliers as Trump tariffs...

April 29, 2025

PepeX vs Dogecoin: Why PepeX is a better...

April 19, 2025

LAZR stock forecast: what to expect in 2025...

December 28, 2024

2 cannabis stocks to sell, 1 contrarian buy:...

April 4, 2025

Why the Fed’s keeping rates higher for longer...

April 26, 2024

Has DeepSeek really lowered compute demand in 2025?

March 31, 2025

This stock could nearly double your money in...

February 9, 2025

Target stock price forms bullish pattern, pointing to...

January 17, 2025

Hims & Hers stock price target according to...

February 10, 2025

    Stay updated with the latest news, exclusive offers, and special promotions. Sign up now and be the first to know! As a member, you'll receive curated content, insider tips, and invitations to exclusive events. Don't miss out on being part of something special.


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.

    Latest News

    • Interview: Strategic location gives Brazil Potash cost advantage in domestic fertiliser market, says CEO Matt Simpson

      June 1, 2025
    • Canada’s Q1 GDP expands by 2.2%, driven by exports spike ahead of potential US tariffs

      June 1, 2025
    • President Trump to host farewell for Elon Musk as DOGE leader steps away

      June 1, 2025
    • UK’s digital banks face divergent fortunes: Starling stumbles, Monzo and Revolut soars

      June 1, 2025
    • Trump wants Apple to shift iPhone production from India to the US: here’s what it means

      May 18, 2025

    Categories

    • Business (3,032)
    • Investing (2,462)
    • Latest News (1,994)
    • Politics (1,530)
    • About us
    • Contact us
    • Privacy Policy
    • Terms & Conditions

    Disclaimer: americaninvesthub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2025 americaninvesthub.com | All Rights Reserved