Major mistakes do not often go unpunished. But there may be exceptions to the “one strike and you are out” rule. US cyber security group CrowdStrike was responsible for one of the world’s biggest ever IT outages on July 19. Yet it reckons the impact on this year’s revenues will only be about $100mn at the midpoint of the range it provided — just a 2.5 per cent cut compared to previous guidance.
Investors are not convinced. CrowdStrike’s market value is down by nearly $20bn since the outage, well over 10 times what the lost sales would be worth on the current multiple of 15.7 times. In part, that may be down to the perception of legal risk, notably from Delta Air Lines, which said the outage cost it $500mn. CrowdStrike, for its part, says customer agreements contain provisions that limit its liabilities, and it maintains insurance policies to mitigate the impact.