One Article Review
| Source |  Kovrr |
|---|---|
| Identifiant | 8393612 |
| Date de publication | 2020-03-22 00:00:00 (vue: 2023-10-10 07:25:35) |
| Titre | Compter le coût d'une grande panne de service de messagerie de messagerie dans la panne de service de service de messagerie Ukmajor pourrait entraîner une perte brute brute de 3,25 milliards de dollars. Counting the Cost of a Major Email Service Provider Outage in the UKMajor email service provider outage could lead to $3.25B gross insured loss.Read More |
| Texte | Modeling a Cyber CatastropheâCounting the Cost of a Major Email Service Provider Outage in the UKExecutive SummaryThe cyber books of many (re)insurers may be modest; however, their potential exposure to a cyber catastrophe could be very large. Even though overall cyber premiums are significantly lower than property in the UK, this report demonstrates that the potential for a multi-billion dollar insured loss is similar to the risk of floods catastrophes covered by property insurance.IntroductionEvery day 290 billion email messages are sent worldwide by 3.9billion users, facilitating a $15 trillion global economy comprised of over 150 million organizations. Email is an integral critical business service for organizations operating in the digital age. Businesses use email to communicate internally with staff and externally with their customers, clients, partners, and supply chain. Behind these huge numbers are a small number of email service providers (such as Microsoft, Google, and Rackspace) that account for the majority of all emails sent. This presents a potentially disastrous risk to the availability of this essential service if one was to suffer an outage as the result of a cyber-attack.A cyber-attack on an email service provider lasting hours, days or weeks and the resulting outage would lead to a substantial financial impact on a (re)insurance carrier. The key characteristics of this type of cyber catastrophe are high severity and low frequency, meaning, an event that does not occur regularly but entails great damage potential, effecting numerous businesses and leading to multiple claims on a (re) insurance carrier at a single point in time.âThe financial damage caused by a cyber catastrophe, such as an email outage, could also manifest through silent risk. Regulators are increasing requirements to quantify this potential silent cyber risk. In January 2019 the PRA(Prudential Regulation Authority) that regulates the UK Financial Services market (inc. the insurance market) demanded that UK insurance firms should seek risk models and expertise to estimate the potential silent (non-affirmative) cyber exposure across their portfolios and introduce robust mitigation strategies for limiting any potential risks.âThis report examines an attack on an email service provider in the UK leading to a service outage resulting from a single point of failure, an event that can lead to financial damage and claims due to affirmative cyber coverage. In this report the authors utilized Kovrrâs ability to quantify potential exposure to cyber catastrophes based on the composition of specific portfolios. Kovrrâs predictive modeling platform was used to map the underlying technologies and services used by the insured companies, enabling an understanding of the potential accumulation risks that are derived from the aggregation of their network of utilized technologies and service providers.âData Wipe Case Study: VFEmail.netOn the 11th February, 2019, hackers breached the servers of the email provider VFEmail.net and deleted all the data from its US servers, destroying all US customers data in the process. Users withVFEmail accounts were faced with empty inboxes and left with no recovery backup options. This was not the first occasion that VFEmail had been targeted. In 2015, VFEmail suffered a DDoS (DistributedDenial of Service) attack after the owner declined to pay a ransom demand from an online extortion group. The company was also forced to find a new hosting provider after a series of DDoS attacks in 2017.âAnatomy Of An AttackAn attack on an email service provider, larger thanVFEmail, could result in critical data being held hostage, altered or destroyed for multiple organizations. This analysis reflects the financial loss resulting from this large-scale business interruption event and the insured loss due to insurance claims that would be triggered in the event of an email service provider outage. In order to perform this analysis, we simulated multiple events includi |
| Envoyé | Oui |
| Condensat | $15 $195 $33 $44 $44â billion 000 010 103 11th 150 1:250years 2007 2015 2016 2017 2019 235 25b 25â billion 290 367 559 816 900 9billion 9â billion ability able about above accordingly account accounts accumulating accumulation accumulations accuracy accurately across acting action activated active actors adapting additionally adherence adjust adoption affecting affirmative after age aggregation aimed all allowing allows alone also altered alternative amir analysis analyzed any approach are areas arising asking assess assumptions attack attackan attacker attacks authority authors availability average avi backup base based bashan basis been before behind being better between big billion boltman book books both botnet brave breached business businesses businessâs but calculated can capability capital capture carefully carrier carriers case catastrophe catastrophes catastropheâcounting catastrophic cause caused causing chain characteristics chosen claims clear clearly client clients come commensurate commercial communicate communication companies company comparison composed composition comprised compromised concentration concerns conditions conducted connected considerations:âcatastrophe considered consistent constant containing continue contributed contribution controls core cost could counting coverage coverage; covered creates creating creation critical crucial current currently curves customers cyber cyberthis damage dangers data database dataset day days ddos decision declined deductible default deleted demand demanded demonstrates denial derived destroyed destroying developments devices different digital disastrous distributed distributeddenial diversify does dollar dos down drive due dyn dynamic e&o each economic economy effect effecting effective effects email emails empty enable enabling enhanced entails enterprises entire environments especially essential estimate estimated even event events evolve evolves examines example excellent excess exclude exists expertise explicitly exploiting exponential exposure exposures exposureâthe externally extortion extrapolated faced facilitating factored factors failure fashion february figure financial find findings finds firms first flood floods flow focusing forced frequency from fulfill furthermore gap gapâeconomic geographical give global golan google great gross ground group grow growth guidelines hackers had has have hazard held high hostage hosting hours how however huge identify ied impact implement implications improve inaccessibility inboxes inc including income increases increasing index indicates indicator industries industry infects ingredients initiatives insurance insured insurer insurers integral internally internet interruption introduce introductionevery invest iot its itâs january july june kessler& key kovrrâs landscape large larger lasting lead leading left leveraged limit limiting limits lines local locations looking loss loss: losses low lower major majority makers makes malware manage management managers managing manifest many map mapped market may meaning measure median meet meeting messages methodologies methodology methodologythe microsoft might million mirai mission mitigation model modeled modelers modeling models modest; moment more multi multibillion multiple naomi needs net neton network new non not now number numbers numerous occasion occur occurred offline ofservice onboarding one online only operating operations opportunities opportunity options order organizations organized other outage over overall overviewâwe own owner palatable paradigms particular partners passwords pay payouts perform performed period periods plans platform platforms point policies policy portfolio portfolios potential potentially power pra predictive premium premiums presents procedures process processes processthe productivity products profit projections prompt propagating property proprietary protection proven provide provider providers provides prudential quantify rackspace ransom rates rather read real recognizes recovery |
| Tags | Malware Tool Vulnerability |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.