Understanding how your business could be affected by a cyberattack and preparing an incident response plan could save you from financial ruin.
Case Study 1: Network Attack
A data centre which hosted an online retail company’s website became the target of a distributed denial of service (DDoS) attack.
The incident, which utilised hacked IoT (Internet of Things) devices, flooded the data centre’s network with so much traffic that their network failed. This made the online retail company’s website inaccessible for a period of six hours before backup systems were able to restore 100% functionality.
After telephoning the Chubb Incident Response Hotline, an Incident Response Manager was assigned to the incident.
Financial Impact
| Recovery Costs: | |
| Increased cost of working required to get website functioning properly |
$18,000
|
| Costs to subcontract with external service provider |
$23,000
|
| Business Interruption: | |
| Lost sales and revenue from website downtime |
$142,500
|
|
Incident Response Expenses:
|
|
|
IT forensics firm
|
$22,000
|
|
Legal consultation fees
|
$15,000
|
|
Incident Response Manager fees
|
$6,000
|
|
Total Cost:
|
$226,500
|
Learnings
As the use of IoT devices increase, Distributed Denial of Service (DDoS) attacks are becoming more common and more powerful.
To minimise the impact of an incident like this, it is important to build a business continuity plan that ensures critical business applications, systems, and activities do not rely on only one single IT provider.
Chubb’s incident response managers and trusted Cyber vendors are experienced in dealing with DDoS attacks and can assist in getting SME businesses back on track as soon as possible.
Case Study 2: Staff Negligence
Financial Impact
| Recovery Costs: | |
|
Increased staff costs to restore network to functioning order
|
$18,000 |
| Business Interruption: | |
| Lost sales and revenue from business interruption | $50,000 |
| Incident Response Expenses: | |
|
Forensic investigation and response services
|
$100,000
|
|
Incident Response Manager fees
|
$10,000
|
| Total Cost: |
$178,000
|
Learnings
This case study underlines the importance of training staff to be vigilant of cyber threats. The best ways to establish positive and secure habits within your company’s workforce is with regular training and education.
You should also restrict access to sensitive information by only allowing management or those who require that information for company operations, to have access.
This content is brought to you by Chubb Insurance Australia Limited (“Chubb”) as a convenience to readers and is not intended to constitute advice (professional or otherwise) or recommendations upon which a reader may rely. Any references to insurance cover are general in nature only and may not suit your particular circumstances. Chubb does not take into account your personal objectives, financial situation or needs and any insurance cover referred to is subject to the terms, conditions and exclusions set out in the relevant policy wording. Please obtain and read carefully the relevant insurance policy before deciding to acquire any insurance product. A policy wording can be obtained at www.chubb.com/au, through your broker or by contacting any of the Chubb offices. Chubb makes no warranty or guarantee about the accuracy, completeness, or adequacy of the content. Readers relying on any content do so at their own risk. It is the responsibility of the reader to evaluate the quality and accuracy of the content. Reference in this content (if any) to any specific commercial product, process, or service, and links from this content to other third party websites, do not constitute or imply an endorsement or recommendation by Chubb and shall not be used for advertising or service/product endorsement purposes. ©2020 Chubb Insurance Australia Limited ABN: 23 001 642 020 AFSL: 239687. Chubb®, its logos, and Chubb.Insured.SM are protected trademarks of Chubb.
Insights & Resources
We keep you informed – and your business protected – with these helpful articles.
