Parametrix Insurance Services LLC, a provider of technology downtime insurance, said Wednesday that insured losses among U.S. Fortune 500 companies caused by last week’s CrowdStrike outage are likely to be between $540 million and $1.8 billion.
Parametrix estimates the total direct financial loss facing Fortune 500 companies, excluding Microsoft, is $5.4 billion, but it said the portion of the loss covered under cyber insurance policies is likely to be no more than 10% to 20% “due to many companies’ large risk retentions, and to low policy limits relative to the potential outage loss,” Parametrix said in a statement.
Sector loss estimates range from $6 million for manufacturing companies to $143 million for airlines, with the weighted average loss $44 million per Fortune 500 company.
The largest average direct financial loss will be suffered by Fortune 500 companies in the health care sector, $1.938 billion, and banking, $1.149 billion, together comprising 57% of the total loss, according to Parametrix data.
A quarter of the Fortune 500 was impacted — 125 corporations, including 100% of airlines in the group, and 43% of retailer and wholesaler companies. Roughly three quarters of health and banking sector companies suffered direct costs.
Traditional industries relying on physical computers experienced longer recovery times, Parametrix said.
Jonatan Hatzor, co-founder and CEO of Parametrix, said in the statement that a cyber insurer focused on very large companies will suffer a much greater CrowdStrike loss relative to premium than one with a large book of small and midsized enterprises business.
The July 19 event was triggered by a defective update from CrowdStrike’s Falcon product that caused Microsoft Windows systems to crash, resulting in wide-ranging and lingering fallout, with some airlines still struggling to resume normal operations.
