Better Decisions Brief: Perspectives on the CrowdStrike Outage

Better Decisions Brief: Perspectives on the CrowdStrike Outage
Technology

03 of 11

This insight is part 03 of 11 in this Collection.

August 2, 2024 3 mins

Better Decisions Brief: Perspectives on the CrowdStrike Outage

CrowdStrike Outage

On July 19, 2024, the CrowdStrike outage became one of the largest IT events in history, impacting businesses and customers around the world. Leaders now have an opportunity to reexamine technology dependencies and business continuity plans to mitigate similar risks in future.

Key Takeaways
  1. The outage was linked to a security update from CrowdStrike’s Falcon software, which then impacted Microsoft Windows systems. Based on public reporting to date, there is no evidence to suggest this situation is the result of an external compromise.
  2. While the root issue has been identified and fixes are now deployed, the event will continue to raise serious questions for business leaders and cyber professionals for quite some time.
  3. The outage has cost U.S. Fortune 500 companies $5.4 billion in total direct financial losses, according to an estimate from cloud monitoring and insurance firm Parametrix.

Five Actions to Take Following the CrowdStrike Outage

  1. Businesses should evaluate, update and test their business continuity and/or disaster recovery plans regularly. Using risk analytics, companies should evaluate the financial impact of an event as part of this process.
  2. Organizations should understand the dependencies and supply chain for critical infrastructure, and ensure they have adequate protection through contractual terms, insurance, or tested and resilient backup plans.
  3. If a downtime event occurs, or there are concerns that an IT or security event has occurred, businesses should notify their insurance brokers and partners promptly to determine what coverage might be available.
  4. Businesses should review their regulatory reporting obligations in light of the incident.
  5. For (re)insurers, this event is an opportunity to improve the granularity of policy information and to understand portfolio accumulation risks stemming from certain coverage grants. This will allow for more nuanced event loss estimation and accumulation scenario analysis. Furthermore, the industry has developed specific (re)insurance and bond products which this event will test.

Additional Perspectives on the CrowdStrike Outage

As we continue to learn more about the business, consumer, insurance and technology impacts of the CrowdStrike outage, our team is committed to sharing new information and insights with clients and partners. Additional perspectives on the CrowdStrike outage from Aon include:

The full implications of the CrowdStrike outage remain unknown and this story will unfold for months to come; however, this event is reminder of the dynamic nature of technology and the importance of robust incident response protocols. Should you wish to talk to Aon about responding to this event, please contact a colleague on our cyber leadership team.

Key Contacts

Asia-Pacific
Adam Peckman
[email protected]

Europe, Middle East & Africa
David Molony
[email protected]

Latin America
Sergio Torres
[email protected]

North America
Brent Rieth
[email protected]

General Disclaimer

The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. This information is not a replacement for legal, tax accounting or other professional advice and no one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

Terms of Use

The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.

More Like This

View All