Responding to the CrowdStrike Global IT Outage
Navigating new forms of volatility
The recent global IT outage related to the CrowdStrike update that impacted many organisations across the Asia Pacific region, is an important reminder of the robust resilience programs necessary to manage such events and highlights the need to be strategically prepared to limit disruptions.
Over recent years almost every business has accelerated their digital transformation, deploying more cloud-based services, adopting more Industrial Internet-of-Things (IIoT) devices and embracing advanced data analytics and edge computing. While these initiatives have provided unparalleled opportunities for innovation and efficiency, they have also increased vulnerability to disruption.
Outlined below are three key steps your organisation can proactively take to build resilience against the impact of potential future events.
Key Steps
Stress Test Cyber Coverages and Business Interruption Limits
Use realistic technology disaster scenarios to stress test current limits, sublimits and insurability to ensure you have the correct levels of business interruption coverage in your cyber program.
Test the Non-IT Response to IT-Related Disruptions
Ensure that current business continuity plans (BCP) can adequately address the critical dependencies on digital services and systems. It is important to identify critical business functions, establish plans and procedures to ensure their uninterrupted operations during disruptions, and create strategies for recovery and restoration of operations in the event of an unexpected incident or crisis.
Prepare for Claims
Ensure your organisation understands the roles, responsibilities, and protocols for notifying a complex cyber triggered business interruption claim to expedite access to vendors and capital.
How Aon Can Help
Cyber Impact Analysis
- Scenario Identification
We utilise our cyber data and analytics platform which includes loss data from more than 1,500 analysis projects and more than 50,000 incidents to identify scenarios.
- Financial Modelling
We build tailored financial models with over 50 cost categories to quantify estimated maximum loss (EML) figures for each scenario.
- Insurability
We then help determine insurability of each scenario, including a review of risk transfer options via insurance or other vehicle.
Business Continuity for Cyber Risk
- Diagnostics
The Aon team conducts proprietary maturity assessments to determine if existing business continuity strategies address current technology dependencies and latest cyber threats.
- Planning
We execute practical improvements to existing BCPs to help address disruptive cyber scenarios impacting critical technology.
- Testing
We also facilitate bespoke tabletop or simulation exercises to test awareness and effectiveness of BCPs in real-life settings.
Complex Cyber Claims Tabletops
- Through realistic claim scenarios, our team performs tabletop exercises to help organisations prepare and manage cyber incident claims to minimise damage and ensure efficient recovery.
Building Sustained Cyber Resilience
Aon helps organisations manage their full cyber risk lifecycle, with the goal of building and maintaining sustained cyber resilience. Our holistic cyber offerings – including proactive, reactive and cyber insurance coverage – help clients identify, assess, mitigate and transfer cyber risk and quickly recover from incidents. At every stage of this journey, we act as a trusted advisor, leveraging the deep and broad experience of our highly qualified team to support organisations to make decisions with clarity and confidence in a complex digital environment.
Contact our team today to learn more about how we can help.