Press Release
July 24, 2024

CrowdStrike to Cost Fortune 500 $5.4 billion; Insured Loss Range of $540 million to $1.08 billion

NEW YORK —July 24, 2024Parametrix, the leading provider of cloud monitoring, modeling, and insurance services, estimates that the total direct financial loss facing the US Fortune 500 companies (excluding Microsoft) from the CrowdStrike outage on 19 July is $5.4 billion. The portion of the loss covered under cyber insurance policies is likely to be no more than 10% to 20%, due to many companies’ large risk retentions, and to low policy limits relative to the potential outage loss. The weighted average loss is $44 million per Fortune 500 company, but ranges from $6 million (manufacturing companies) to $143 million (airlines).

In-depth analysis by Parametrix estimates that the largest direct financial loss will be suffered by Fortune 500 companies in the healthcare sector ($1.938 billion), followed by banking ($1.149 billion). Companies in these sectors take 57% of the loss, but account for only 20% of Fortune 500 revenues, due to the uneven impact of the event on business sectors. Manufacturing, the largest sector by revenue, suffered a trivial loss of just $36 million in total when compared to its annual revenue of $3.4 trillion across 130 companies, while the event cost the six Fortune 500 airlines approximately $860 million, against revenue of $187.1 billion.

A quarter of the Fortune 500 was impacted (125 corporations), including 100% of airlines in the cohort, and 43% of retailer & wholesaler companies. About three quarters of health and banking sector firms suffered direct costs. Beyond such primary financial losses, CrowdStrike’s impact on critical services resulted in a cascade of operational delays affecting the Fortune 500 companies and their downstream entities. A forthcoming Impact Analysis, CrowdStrike’s Impact on the Fortune 500, to be published imminently by Parametrix Analytics, concludes that:

1. Traditional industries relying on physical computers experienced longer recovery times, which underlines the resilience and rapid recovery of cloud-based systems.

2. Cyber (re)insurers can manage systemic risk through strategic diversification across industry sectors, service providers, and company sizes.

3. The impact of the CrowdStrike outage was distinct due to its deployment both on-premises and via the cloud. Insurers should therefore not rely solely on the CrowdStrike event for modeling future cloud-based failures.

Parametrix unparalleled insight into the financial impact of the CrowdStrike event is based on:

  • more than 54 billion data points, which together define the historical performance of cloud services, 
  • extensive expertise in system failures and business interruption losses, and 
  • direct monitoring of the real-time service status of 6,000 leading technology businesses, including a significant portion of the Fortune 500. 

“Our analysis of the CrowdStrike outage shows not only the possible extent of a systemic cyber loss event, but also its boundaries,” said Jonatan Hatzor, co-founder and CEO of Parametrix. “It tells us more about the ways that insurers and reinsurers can diversify their cyber risk portfolios to minimize the potential impacts of systemic cyber risk. However, our analysis does not show the whole diversification picture. A cyber insurer focused on very large companies will certainly suffer a much greater CrowdStrike loss relative to premium than one with a large SME book.” 

He continued: “Prevention is important, but risk carriers have limited control over event occurrences and service-provider practices. The industry should focus on controllable areas, like mapping and managing aggregation risk. By understanding these points, we can evaluate key exposures, and mitigate both malicious and non-malicious threats. This proactive approach enables better underwriting decisions, and effective risk-transfer solutions to manage systemic risk.”

About Parametrix

Parametrix, the leading provider of cloud monitoring, modeling, and insurance services, is a Managing General Agent and Lloyd’s Coverholder based out of New York that underwrites parametric insurance against digital supply chain interruption. Parametrix uses proprietary technology to continuously monitor the performance of a variety of third-party IT services across the globe, and to collect granular data on service interruptions. It uses that data to assess risk, provide instant insurance quotations, and to streamline claims payments, which are delivered within days. Parametrix policies are backed by major A-rated global insurers. Parametrixinsurance.com

Download CrowdStrike's Impact on the Fortune 500

Explore more resources
Parametrix creates cutting-edge tools and models that enable companies, insurers, and reinsurers to quantify, manage, and transfer their exposure to cloud outage risk with unparalleled accuracy.
SOLUTIONS
HomeBrokersAnalytics
COMPANY
CompanyContact usPolicy wording
RESOURCES
BlogReportsIn the newsFAQ
linkedin
©2024 Parametrix Solutions, Inc.
Privacy PolicyLicensesTerms of use
The products and services referred to on this website are available only in the jurisdictions in which we are licensed to transact insurance business. Nothing on this website shall be construed as an offer or solicitation to purchase insurance in any other jurisdiction. The availability, terms, and conditions of such products and services may vary by jurisdiction. The list of licenses held by Parametrix Insurance Services LLC as an insurance producer and surplus lines broker in the US states can be viewed on our license page. Parametrix provides insurance products in connection with potential downtime on services represented by brands which this website displays. Parametrix is not affiliated to, associated with, or sponsored by the owners of these brands.
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesDenyAccept