Myth: My insurance will cover any DDoS attack damage.
Fact: Well, for sure not your business insurance. But do you have "cyber" insurance? And does it cover all costs associated with a DDoS attack? The mere fact that we're starting to see industry interest in cyber insurance represents a coming of age of security, and recognition of the importance of security and what it means to truly live and do business in a connected world.
This is resulting in new cyber-insurance policies coming on the scene as mergers and acquisitions are driving buyers to send those being bought to get cyber insurance, and as new regulations are requiring companies have cyber insurance.
Executives are increasingly accepting the necessity of understanding their company's cyber risk, and as a result we're seeing a clear mindset shift happening in the industry – from CISOs at insurance firms being brought into business decisions, to re-insurers starting to ask about how to re-insure cyber insurance policies. With cyber insurance quickly emerging as a must-have for businesses of all sizes, it is critical to understand what insurance is right for your company. This means understanding what is (and what is not) covered by your policy, and what role the insurer will play in the event of a breach.
Enterprises and service providers worldwide, across every industry, face a never-ending deluge of distributed denial-of-service (DDoS) attacks that continue to rise in size, frequency and complexity. Unfortunately, not all companies realize the danger that DDoS attacks pose, or have insight into their own risk profile. The bottom line is that you first need to understand the facts about both in order to determine the right amount of insurance and risk you're willing to live with. In an effort to shed more light on these issues, Tom Bienkowski of Arbor Networks has outlined the five most common DDoS myths that he's heard from customers and prospects in the field.