Technology Blog »

Delta’s Lawsuit Signals a New Era of Cybersecurity Litigation


An image depicting a rise in cybersecurity litigation due to Delta's lawsuit against CrowdStrike

Delta Air Lines’ recent lawsuit against CrowdStrike over a "catastrophic" software glitch highlights a growing trend in litigation focused on Cybersecurity and IT failures. The incident, which caused extensive flight disruptions and cost Delta an estimated $500 million, underscores the increasing legal expectations for technology vendors. It’s also a wake-up call for businesses to understand their role in managing cybersecurity risks.       

Why Cybersecurity Litigation is on the Rise

With the rapid digitalization of business operations, companies are more dependent on technology than ever. This dependence exposes them to significant risks when things go wrong, such as software bugs, data breaches, or Ransomware attacks. When incidents occur, insurers often seek to recoup their losses through a process called subrogation, targeting third parties, including IT service providers, software vendors, or even negligent employees who contributed to the event.
       

Why This Matters for Small and Medium-Sized Businesses

Despite the growing threats, many small and medium-sized businesses (SMBs) still underestimate the importance of proactive cybersecurity measures. They often see cybersecurity expenses as optional or delay investment until something catastrophic happens. However, this approach can be dangerous. Not only do cyber incidents carry the risk of financial loss, but they can also lead to legal repercussions, such as insurers' subrogation claims.

The Reality of Cyber Liability Insurance

Some companies rely solely on cyber liability insurance for protection, assuming it will cover all their losses in the event of an incident. But insurance policies often come with exclusions or clauses that limit coverage, especially if the insured did not adhere to best practices for cybersecurity. Furthermore, insurance companies have been known to subrogate against parties responsible for the breach—including service providers and, in some cases, individual employees—to recover costs.

What Businesses Should Do to Protect Themselves

Here’s how SMBs can better prepare for the evolving risks and avoid falling into the trap of "too little, too late":                   

  • Implement Strong Cybersecurity Policies: Ensure comprehensive security measures, including multi-factor authentication, regular software updates, and employee training on Phishing and other cyber threats.
     
  • Understand Vendor Agreements: Review contracts to understand liability limitations and ensure vendors meet industry standards when using third-party IT services.
     
  • Don't Rely Solely on Cyber liability Insurance: While cyber liability insurance can provide a safety net, it should be part of a broader cybersecurity strategy that includes active risk management.
     
  • Work with a Trusted MSP: Partnering with a Managed Services Provider (MSP) like Delaney Computer Services can help you maintain best practices and address compliance requirements, reducing the likelihood of breaches.

How We Can Help

Delaney Computer Services has decades of experience helping businesses manage their digital risks. Our services go beyond the basics, providing a robust cybersecurity framework covering employee training, system monitoring, incident response planning, and more. With litigation on the rise and insurers becoming more aggressive in pursuing subrogation claims, the time to take cybersecurity seriously is now.

The Delta-CrowdStrike lawsuit is just one example of how cybersecurity failures can quickly escalate into costly legal battles. Don’t wait for a crisis to force your hand. Proactively securing your business helps you avoid financial and legal headaches and positions you as a responsible company in today’s digital world.

Contact us today to learn how we can protect your business from evolving cyber risks.