Cowbell Chronicles: August 2024

Cowbell

Cowbell is the leader in cyber insurance for small and medium-sized enterprises (SMEs).

Published Aug 29, 2024

Cowbell Chronicles features monthly updates from across the cybersecurity industry, insights from our experts, and news about our latest products and features for policyholders and partners.

This month, we wanted to share a quick synopsis of last month’s CrowdStrike outage, lessons learned, and how agents can help clients select the right vendor to mitigate risk.

Unpacking the CrowdStrike Outage, an Unprecedented Disruption in Cybersecurity.

Last month, an update published by CrowdStrike—a provider of endpoint protection, threat intelligence, and cyberattack response services—caused one of the biggest information and technology outages to date. The outage impacted an estimated 8.5 million systems and disrupted business operations in all sectors, including healthcare, finance, travel, etc. Delta alone lost $550 million in business during the outage. CrowdStrike published the results of its investigations into the causes of the incident, admitting that its testing processes were not adequate.

The Cowbell cybersecurity team worked throughout the day to identify potentially impacted policyholders, compose reports, and engage with agents and partners to minimize business interruption for clients. This work brought the Cowbell team close to the incident, and once again highlighted the need for small and medium-sized enterprises (SMEs) to invest in robust protection measures that enhance their cyber posture.

Valuable Lessons

As SMEs continue to do more business online and cyber threats continue to evolve, policyholders must understand that the concept of risk exposure includes both internal and external risks. While the CrowdStrike incident was not an offensive attack, it still underscored the need to have robust cyber protection. Small and mid-sized businesses are increasingly targeted by cybercriminals, who exploit system gaps to access sensitive data and disrupt operations. A comprehensive cyber insurance policy not only provides financial coverage in the event of a breach but also offers critical support services, such as incident response, legal guidance, and public relations management. Our cybersecurity team worked tirelessly throughout the day of the event to support our partners whose clients were impacted by the CrowdStrike outage.

By ensuring your clients have adequate cyber protection, you're helping them safeguard their assets, maintain their reputation, and ensure business continuity in the face of potential cyber incidents. As an agent, it’s worth understanding how to best advise clients when they are engaging a vendor to provide cyber protection and consider: supply chain impact, a firm’s capacity to properly respond to an incident, and insurance coverages.

CrowdStrike serves large enterprises so the outage had a sizable impact across the economy. That said, even small providers can have reverberating effects across the supply chain given how interconnected businesses are today. It’s worth considering that because CrowdStrike is a large and well-resourced organization, it was able to identify the causes of the outage and engineer and distribute a fix roughly three hours after the start of the incident. Smaller firms may not have enough staff on hand to react as swiftly, thus prolonging downtime, business disruption, and losses. Last, if an organization suspects that a cyberattack has occurred, or experienced impact from a third party's cyber event, they should immediately notify their insurer for support.

Cowbell Services and Support

In the end, the best cybersecurity solution for an SME is one that best fits their business, budget, and meets regulations. The CrowdStrike incident was a poignant reminder that businesses of all sizes will be impacted at some point by a cyber event and having the right protection in place is fundamental to responsible business practice.

Whether choosing a large cybersecurity service provider or a smaller one, there are configurations and backup solutions that can help mitigate an incident and get your client's business operating as quickly as possible. Cowbell provides many resources to boost your cybersecurity and our team of experts is always on hand to help you and your clients navigate this continually evolving landscape.

Written by Matthieu Chan Tsin, Vice President, Cybersecurity Services

Our goal is to build a cyber-resilient economy - protecting small and medium-sized enterprises (SMEs), and mid-market businesses from advanced cyber threats. Staying informed and understanding emerging trends is essential.