The CrowdStrike disruption reminds us that cyber risk underwriting faces new challenges and questions almost on a daily basis: did cyber underwriters intend to cover the consequences of negligent IT security (not an attack) by a third party that causes disruption to an insured's computer systems? Was the CrowdStrike incident unforeseen such that, due to a broad consideration of the concept of ‘incident’ or ‘computer system’, losses would be covered by the cyber policy even if they were not intended to be? Cyber insurance can, but does not always, include coverage for failures of the insured's systems that were not caused by a cyber attack. Underwriting processes therefore need to adapt to this increasingly complex and supply chain-dependent environment, while being careful to be explicit about what types of incident are intended to be covered.