Welcome!

SDN Journal Authors: Pat Romanski, Patrick Hubbard, Elizabeth White, Sven Olav Lund, Liz McMillan

Related Topics: Cloud Security, Java IoT, Microservices Expo, Agile Computing, @CloudExpo, SDN Journal

Cloud Security: Article

Network-Based Attacks: How Much Can They Cost You?

Techniques and resources for IT managers to develop their own cost model

Every business acknowledges that network security is critical. But how do you quantify the business value that a secure network provides? And how does an enterprise evaluate and justify investing in network security products like next-generation firewalls, intrusion prevention systems and unified threat management appliances?

While there is no exact formula or "cost of attacks" calculator, there are some useful guidelines and research studies that can provide techniques and resources for IT managers to develop their own cost model. There are three core areas that are important for assessing the impact of network-based attacks and the "prevention value" of next-generation firewall technologies:

  • Defining the different types of network-based attacks
  • Understanding how those attacks can affect your bottom line
  • Methods of quantifying the impact of those attacks

Types of Network-Based Attacks
There are hundreds of types of network-based attacks that can damage an organization. The most common forms include:

  • Viruses, Trojans, worms and other malware that can shut down servers and workstations, or steal data.
  • Advanced persistent threats designed to penetrate networks and surreptitiously steal intellectual property and confidential information.
  • Distributed denial-of-service (DDoS) and flooding attacks that can overwhelm servers and shut down web sites.

How Network-Based Attacks Can Affect Your Bottom Line
This is where it hurts - attacks cause two major categories of harm, regardless of the source: data breaches and loss of service.

Data breaches are always a topic of sensational news coverage, as they result in confidential information being captured and surreptitiously removed out of the organization into the hands of criminals or competitors.

The damage caused by data breaches is visible and very painful. They can be financial (lost revenue, legal and regulatory costs, lawsuit awards and fines) "soft" costs (loss of customer goodwill and loyalty) and loss of competitiveness (through loss in intellectual property). Companies that have suffered data breaches spend an inordinate amount of time and money in detection and technical remediation costs identifying and blocking attacks as well as assessing damage and putting corrective measures in place. In addition, the negative publicity over a data breach lasts far beyond the attack itself.

Denial-of-service attacks result in computer systems - workstations as well as web, application or database servers - being degraded or completely disabled.

The damages in this scenario can also be catastrophic. Commerce slows to a crawl or stops altogether, so revenue is directly impacted. Day-to-day processes are interrupted or employees cannot do their jobs because the network is down.  As with data breaches, there's a real cost associated with IT and support staff having to diagnose problems, coach employees, restart services and re-image PCs.

How to Estimate the Costs?
There is no one-size-fits-all cost model.

Two independent sources that can help IT quantify the impact of network-based attacks can be found in a March, 2012 study from Ponemon Institute, and the NetDiligence® Cyber Liability & Data Breach Insurance Claims Study published in October, 2012.

The Ponemon Institute conducted in-depth interviews late in 2011 with 49 U.S. companies in 14 industries that had experienced the loss or theft of customers' personal data. Some of the key findings:

  • The average total cost of a data breach: $5.5 million.
  • Lost revenue per breach: $3 million
  • Post-data breach costs: $1.5 million (everything from help desk, remediation, customer discounts and more)

The per-record figures - which are based on fairly large quantities (typically 100,000+ records) - can give IT managers at least some sense of the cost associated with data breaches, scaled to the size of the enterprise and the number of threats typically faced.

The NetDiligence study analyzed published a study of 137 events between 2009 and 2011 that resulted in insurance companies making payouts on cyber liability claims. Average payouts:

  • Legal settlement per event: $2,100,000
  • Legal defense per breach $582,000
  • Total average insurance payout costs per event: $3.7 million

While these two studies measure different elements of the costs associated with network attacks, they are consistent in one sense - both illustrate just how costly network attacks really are to a company's bottom line, its reputation and its ability to compete.

Beyond these numbers, there are some back-of-the envelope calculations that can help justify the investment needed for next-generation network firewall technologies:

  • The revenue loss for every hour your web site is down or significantly impaired because of a DDoS attack.
  • The productivity loss for every hour a key business process is down because of malware disabling the server.
  • The hourly rate for help desk personnel to diagnose malware infections on PCs and for the support group to re-image infected PCs.
  • The cost per record for notifying customers or employees in the event of a data breach and providing credit monitoring services to them for a year.

Two additional techniques may be helpful in estimating the costs of attacks. Some organizations have created detailed estimates of possible future ramifications by conducting "war game" simulations. These involve gathering a cross-section of company staff from IT, marketing, HR, legal and other functions, and running through an attack scenario. These exercises not only help quantify costs, but often turn up unexpected effects - for example, contractual obligations or the regulatory impact of data breaches.

Taking Action
How does this all net out for IT managers? The bad news: network attacks are costly, disruptive, potentially catastrophic on many levels and should be avoided at all costs. The good news: there is a rich tool and service set available to help understand exactly how data breaches and loss-of-service attacks can affect your company's bottom line. By comparing these costs with the preventative costs of next-generation protection technologies you are better armed and prepared to understand and articulate the financial and strategic value of increasing investment in securing your company's network. This is not just an academic exercise, it is a business imperative.

More Stories By Patrick Sweeney

Patrick Sweeney has over 20 years experience in high tech product management, product marketing, corporate marketing and sales development. Mr. Sweeney is Dell SonicWALL’s Executive Director, Product Management, where he oversees its Network Security, Content Security, Business Continuity and Policy & Management product lines. Previous positions include Vice President of Worldwide Marketing, Minerva Networks, Senior Manager of Product Marketing & Solutions Marketing for Silicon Graphics Inc, Director of Worldwide Sales & Marketing for Articulate Systems, and Senior Product Line Manager for Apple Computer. Mr. Sweeney holds an MBA from Santa Clara University, CA.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, will discuss how they bu...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, will discuss how from store operations...
As hybrid cloud becomes the de-facto standard mode of operation for most enterprises, new challenges arise on how to efficiently and economically share data across environments. In his session at 21st Cloud Expo, Dr. Allon Cohen, VP of Product at Elastifile, will explore new techniques and best practices that help enterprise IT benefit from the advantages of hybrid cloud environments by enabling data availability for both legacy enterprise and cloud-native mission critical applications. By rev...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., will introduce you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He will explore applications in several industries and discuss technologies that allow the deployment of advanced visualization solutions to the cloud.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, will discuss some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he’ll go over some of the best practices for structured team migrat...
SYS-CON Events announced today that Datera will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera offers a radically new approach to data management, where innovative software makes data infrastructure invisible, elastic and able to perform at the highest level. It eliminates hardware lock-in and gives IT organizations the choice to source x86 server nodes, with business model option...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.
Digital transformation is changing the face of business. The IDC predicts that enterprises will commit to a massive new scale of digital transformation, to stake out leadership positions in the "digital transformation economy." Accordingly, attendees at the upcoming Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA, Oct 31-Nov 2, will find fresh new content in a new track called Enterprise Cloud & Digital Transformation.
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp emp...
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r...
As people view cloud as a preferred option to build IT systems, the size of the cloud-based system is getting bigger and more complex. As the system gets bigger, more people need to collaborate from design to management. As more people collaborate to create a bigger system, the need for a systematic approach to automate the process is required. Just as in software, cloud now needs DevOps. In this session, the audience can see how people can solve this issue with a visual model. Visual models ha...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
SYS-CON Events announced today that Avere Systems, a leading provider of hybrid cloud enablement solutions, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere Systems was created by file systems experts determined to reinvent storage by changing the way enterprises thought about and bought storage resources. With decades of experience behind the company’s founders, Avere got its ...
In the fast-paced advances and popularity in cloud technology, one of the most critical factors revolves around concerns for security of your critical data. How to assure both your company and your customers they can confidently trust and utilize your cloud environment is most often top on the list. There is a method to evaluating and providing security that exceeds conventional modes of protecting data both within the cloud as well externally on mobile and other devices. With the public failure...
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...