DDoS and Downtime: Considerations for Risk Management

As critical business functions become increasingly dependent on the availability of IT resources, chief financial officers (CFOs), chief risk officers (CROs), and other senior executives are beginning to re-assess whether their organization's risk management strategy adequately addresses the threat of network, application, or service downtime.

While most enterprise risk managers are accustomed to addressing regulatory compliance, data integrity, and data privacy within an IT risk management framework, many have not fully accounted for IT availability as it relates to business continuity. Even risk managers who do consider IT availability may focus only on operational and environmental threats (e.g., human error, fires, and floods) while overlooking distributed denial of service (DDoS) attacks, which are one of the leading causes of IT-related business downtime.

Given the probability and potential impact of DDoS attacks, and compared to the cost of other downtime-related risk mitigation solutions, DDoS threat mitigation may be one of the easiest and most cost-effective tactics for minimizing financial risk associated with IT-related downtime.

Click on the cover image to the right or visit Verisign, Inc. to download now!