CyberCube, the leading provider of cyber risk analytics to quantify cyber risk, estimates preliminary insured losses from the July 19 CrowdOut event for the standalone cyber insurance market at between $400mn and $1.5bn. The faulty CrowdStrike Falcon Sensor update and subsequent outage - the CrowdOut Event - would represent a loss ratio impact of roughly 3-10% on global cyber premiums of $15bn today.

This scale of loss could make the CrowdOut event the largest single insured loss event in the history of the affirmative cyber insurance industry over the past 20 years. At the same time, an event of this scale does not come close to the extreme scenarios currently being modeled by cyber insurers and reinsurers.

Based on CyberCube’s current estimates, the event represents a loss somewhere between the 1-in-2 and the 1-in-6 year industry loss return periods, according to the company’s cyber catastrophe model and industry exposure database. CyberCube’s Portfolio Manager product, which is used by 30 of the 40 largest US and European cyber insurers, shows far more destructive scenarios that can reach loss ratios of 234% in more extreme events at 1-in-200 year return periods. As such, the CrowdOut event is a major event for the cyber insurance market but does not come close to the destructive potential that leading insurers are holding capital against.

CyberCube’s current estimates are provisional and based on the best information we have available, as the event is still unfolding, with a relatively significant percentage of systems yet to be restored. Each insurance carrier’s claims experience depends on some pivotal criteria relating to the characteristics of their specific portfolio including coverage for non-malicious system failure, contingent business interruption (CBI), and the makeup of insureds in that portfolio. While each insurance portfolio will substantively differ in these respects and as such it would not be accurate to apply cyber insurance market share allocations to reach an individual carrier’s loss potential, we expect carriers to see disproportionate losses in portfolios that have significant large corporate exposures.

CyberCube's Cyber Aggregation Event Response Service (CAERS) was activated as a result of the CrowdOut event. CAERS provides up-to-date intelligence on major cyber catastrophes worldwide as they unfold to ensure CyberCube clients have information that is relevant and tailored to the insurance market. CyberCube will continue to monitor this developing event and provide support for customers in calculating the impact on their own cyber insurance portfolios.

About CyberCube

CyberCube is the leading provider of software-as-a-service cyber risk analytics to quantify cyber risk in financial terms. Driven by data and informed by insight, we have harnessed the power of artificial intelligence to supplement our multi-disciplinary team. Our clients rely on our solutions to make informed decisions about managing and transferring cyber risks. We unpack complex cyber threats into clear, actionable strategies, translating cyber risk into financial impact on businesses, markets, and society as a whole.

The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company. Our models are built on an unparalleled ecosystem of data and validated by extensive model calibration, internally and externally. CyberCube is the leader in cyber risk quantification for the insurance industry, serving over 100 insurance institutions globally. The company’s investors include Forgepoint Capital, HSCM Bermuda and Morgan Stanley Tactical Value. For more information, please visit www.cybcube.com or email info@cybcube.com.

Yvette Essen, Head of Content, Communications & Creative, yvettee@cybcube.com