US Fortune 500 companies excluding Microsoft face $5.4 billion in losses thanks to the Crowdstrike outage last week — and Microsoft’s losses will add hundreds of millions of dollars more to the total, cloud insurer Parametrix said Wednesday.
The global tech outage – caused by a faulty update to Crowdstrike’s security software – crashed computers powered by Microsoft Windows on Friday, causing airlines to delay flights and doctors to postpone surgeries.
Cyber insurance policies will likely cover no more than 10% to 20% of the losses, or $540 million to $1.08 billion, Parametrix said, since many of the companies have large risk retentions.
Parametrix CEO Jonathan Hatzor told The Post he estimates Microsoft’s financial losses will be in the range of hundreds of millions of dollars due to the sheer size of the company.
He said it is difficult to estimate the exact losses for the IT company because they don’t hold much responsibility for the outage, but “got mixed up in the responsibility.”
“As time passed by, it’s more clear to everyone that Crowdstrike holds responsibility for the event,” he said.
While tech junkies knew the name Crowdstrike prior to the outage, most people did not – but they knew the name Microsoft. So the company will likely face “a lot of operational expenses and reputation damage,” he said.
A Microsoft rep couldn’t immediately be reached for comment on Wednesday.
“This is a huge wake up call for the industry,” Hatzor told The Post.
The weighted average loss for each Fortune 500 company is $44 million, but the range is wide. Most manufacturers will lose approximately $6 million, while airlines will average hits of $143 million, the insurer said.
The impact of the losses is also uneven. The healthcare and banking sectors, for example, comprise only 20% of Fortune 500 revenues but will absorb 57% of the total $5.4 billion financial losses, Parametrix said.
Direct financial losses will be largest in the healthcare industry, and then in the banking and airline industries, Parametrix said.
Hatzor recommended companies move away from their reliance on physical computers and toward cloud-based systems.
“Recovery was more dramatic and faster for cloud-companies compared to more legacy industries, like healthcare and airlines,” Hatzor said.
While Hatzor said prevention is important, risk carriers have limited control over these outages. Instead, he recommended they focus on mapping out their aggregation risk.
“Once you’re realizing which services are your key points of failure, now you can really think about redundancy and come up with a plan,” Hatzor told The Post.
Hatzor said companies should take a look at their insurance policies with fresh eyes to understand how they will be covered if future outages take place.
Some 40,000 New York City computers were still down on Tuesday, troubled by the “blue screens of death.”
City officials said the total number of devices affected by the outage ballooned from 90,000 to 300,000 over the weekend.