The recent large-scale Amazon Web Services (AWS) outage represents a moderate incident for cyber (re)insurers, according to CyberCube, the cyber risk analytics provider. The scale, duration, as well as geographic concentration of the disruption, “centered in the US-East-1 (N. Virginia) region, underscore the systemic risk of major cloud provider dependencies and specific regions.”
US-East-1 is vital since it is AWS’s largest and oldest region, hosting core services, management infrastructure, and global control planes “that other AWS regions and customers depend on for authentication, routing, and service coordination.”
After the outage on 20 October, which affected a broad set of downstream dependent platforms, including Snapchat, Fortnite, Roblox, Coinbase, and Ring, CyberCube’s Cyber Aggregation Event Response Service (CAERS) initial procedures had been activated.
CAERS offers up-to-date intelligence on cyber catastrophes as they unfold to ensure CyberCube clients have the relevant details regarding aggregation events. CyberCube has created a Security Incident Report (SIR) for clients and will “issue follow-on guidance as appropriate.”
In its SIR and a blog, CyberCube cautions that the AWS incident highlights systemic risk from “concentrated cloud-provider dependencies and underscores the exposure of digital ecosystems to a single cloud region/critical service failure.”
It said that this AWS outage underscores systemic cloud services provider concentration risk. With disruptions “extending 15 to 16 hours and most waiting periods in the 8 to 12-hour range, this outage could represent a moderate cyber (re)insurance event.”
Primary impacts are most likely to impact system failure (i.e. non-malicious) contingent “business interruption (CBI) coverage, as well as the potential for incident response and data restoration costs.”
The SIR blog added that the outage had impacted a wide range of critical services across sectors with considerable cloud reliance. While not all losses will be insured, the event could potentially “drive CBI claims, particularly among large enterprises with high sensitivity to service continuity.”
CyberCube is advising (re)insurers to carefully review cloud provider dependencies in portfolios via CyberCube’s Single-Point-of-Failure (SPoF) Intelligence to assess for regional cloud concentration, as well as accumulation per relevant SPoF “across their books using the latest modeling developments, introduced in Portfolio Manager v6 earlier this year.”
CyberCube’s Portfolio Manager clients are able to model losses from AWS outage scenarios by using the platform’s Cloud Infrastructure-related scenarios. This enables users to accurately assess potential impacts from cloud service disruptions across various portfolios.
SPoF Intelligence identifies insureds and vendor ecosystems “that depend on the same technologies.” SPoF customers are now able to access the latest AWS outage brief in the SPoF Intelligence Platform in order to assess their portfolio’s exposure to this particular event.