The vast majority of executives see cloud downtime events as catastrophic and irrecoverable, while incorrectly believing they are protected by their current insurance program, according to Parametrix survey
NEW YORK — Sept. 8, 2022 — Parametrix, the provider of technology downtime insurance, today announced the results of a survey of 324 corporate decision-makers about cloud reliance, downtime concerns, and downtime insurance coverage. The survey was conducted in July 2022 by Momentive and polled decision-makers in finance, banking, SaaS, healthcare, software, retail, e-commerce, entertainment, gaming and streaming industries.
The survey revealed that cloud reliance and downtime concerns are increasing. Ninety-five percent of corporate decision-makers responded that their business is dependent on the cloud, and nearly half said cloud is a mission-critical service. As reliance on the cloud increases, so does concern about downtime; 41% of respondents indicated they are more concerned about downtime this year than last year, and 93% of the business decision-makers responded they are very concerned about cloud downtime. According to Parametrix data, this is no surprise as outage events happen frequently; more than 100 events have been detected across the three major cloud providers in the last three years. The top industries represented among the respondents who are very concerned are finance, banking, SaaS, healthcare, software, retail e-commerce, entertainment, gaming and streaming.
Cloud downtime losses are catastrophic
The survey also revealed a few hours of downtime is a catastrophic event for a business. A majority of respondents (56%) estimate that the cost of cloud downtime to their business would be between $25,000 and $100,000 per hour, while 18% estimate losses of $100,000 to $500,000 per hour and 2% estimate losses over $1 million per hour. Nearly one-third (31%) of respondents indicated that eight hours of cloud downtime during business hours would be catastrophic and 36% said it would be a non-recoverable incident — that is, they wouldn’t be able to recover from the damage it would cause to their business or their revenue.
According to survey responses, the finance and software industries are the top industries where a downtime of eight hours would be catastrophic, while respondents from the entertainment, online gaming, streaming, software, SaaS, healthcare, insurance and banking industries said eight hours of downtime would be non-recoverable.
When asked how businesses are affected during a downtime event, 52% of respondents said a downtime event upsets customers and increases risk of customer churn; 50% responded it causes lost revenue and sales; and 52% replied it interrupts office work or halts manufacturing.
Cyber and E&O coverage misconceptions
The survey also revealed there are many misconceptions about the scope of cyber and errors and omissions (E&O) insurance policies. The main misconception is that these policies cover any losses from any cloud downtime regardless of length and severity, but they do not.
While the aim of cyber insurance policies is to protect the insured against security failures, data breaches and ransomware attacks, and the aim of E&O policies is to protect policyholders from liability for negligent acts, errors or omissions, they both may provide limited coverage for cases when system failure is caused by unavailability of the supply chain, such as a cloud provider outage. This limited coverage is characterized by low coverage limits, long waiting periods of between eight and 48 hours, narrow coverage triggers, significant deductibles and retentions as well as long and cumbersome claims processes and forensic investigations.
Moreover, while 46%, 39%, and 37% of respondents would like their downtime insurance policy to cover loss of productivity, lost sales, and SLA (service-level agreement) payouts, respectively, cyber and E&O policies limit the payout to proven loss of net profit or loss mitigation expenses.
“The survey results reveal that businesses have massive exposure to cloud downtime and incorrectly believe they are well protected by their cyber or E&O policies. However, cyber and E&O policies do not cover most actual downtime events and losses, including short events under eight hours and compensation for business loss and SLA breaches,” said Yonatan Hatzor, co-founder and CEO, Parametrix. “Insurance customers should consult their brokers about their current downtime insurance program regarding dependent business insurance, waiting periods, retentions and perils, and about the differences between cyber, E&O and cloud downtime insurance.”
Cyber and E&O waiting period misconceptions
While currently the waiting period — the minimum outage time required for an outage event to be covered by cyber or E&O insurance — ranges between eight and 48 hours, there is a widespread lack of awareness of the existence of the waiting period. Of those who incorrectly believe their policies cover downtime for any reason, 86% believe the coverage kicks in for downtime events in less than eight hours; 62% believe the coverage kicks in within the first hour and 24% believe it takes effect between one and eight hours.
Reasons for insuring against cloud downtime
While most respondents incorrectly believe their cyber or E&O policy covers cloud downtime for any reason, they also indicated their main reasons to purchase cloud downtime insurance coverage: to have flexibility to spend money repairing the damage caused by the outage (41%); a fiduciary responsibility of the board to shareholders (39%); part of holistic risk management approach (35%); or to ensure that lost revenue streams are mitigated (35%).