ITNewsAfrica logo

Latest News       Profile      Arbor Networks Website       Contacts       IT News Africa

linkedin   twitter icon   facebook



DDoS attacks: are you prepared? Are you insured?


JOHANNESBURG – April 13, 2017 – Distributed Denial of Service (DDoS) attacks are certainly causing many sleepless nights for CIOs and CSOs across the world. In fact, Arbor research reveals DDoS attack sizes are growing have grown by an astonishing 1,233 percent, at a compound growth rate of 68 percent, over just the past few years.

“We’re also seeing a tipping-point in the migration to cloud-based architectures and services,” notes Darren Anstee, chief security technologist at Arbor Networks, “which has dynamic effects on business agility, but can also potentially widen the threat surface.”

In this regard, Arbor’s latest Worldwide Infrastructure Security Report revealed that DDoS attacks targeting cloud-based services have grown from 19 percent of respondents two years ago, to 29 percent last year, and now 33 percent this year.

Whatever your level of cloud adoption, DDoS poses a number of risks to businesses:

  • Brand damage and loss of consumer trust
  • Direct revenue loss
  • Data loss
  • Costs to recover from an attack
  • Loss of competitive advantage
  • Regulatory fines from compliance breaches
  • SLA penalties
  • Fraud losses
  • Supply chain disruption

So, with more of a business’ overall value found within its ‘digital assets’, and ever-more so in cloud-based architectures, just how can one go about insuring these assets as we would do the more physical assets (such as property, plant, machinery, and so on)?

What is cybercrime insurance?
“Standard property policies generally won’t cover the loss of non-physical digital assets and data,” advises Anstee. “To guarantee protection from cybercrime, a dedicated and comprehensive cybercrime insurance policy is required,” he adds.

As actuaries start to learn from case history and build models to define and underwrite various types of cybercrime, organisations are now able to purchase various flavours of cybercrime insurance, to mitigate the losses incurred in the case of a security breach.

Anstee advises that companies insure themselves against a wide spectrum of cybercrime events – including coverage for data and privacy breaches, multimedia liability coverage (websites, media and intellectual property rights), extortion liability coverage to protect against ransomware, and network security liability coverage (which includes DDoS).

In fact, when it comes to DDoS cybercrime more specifically, global legal experts Reed Smith offer excellent advice on their website:

“It is important to ensure that the types of breaches expressly covered by your company’s [Cyberliability insurance] policy broadly include DDoS attacks, as well as intrusions by hacking, malicious acts by ‘rogue’ insiders, and negligent acts, such as the loss of hardware or disclosure of passwords or credentials.”

Augment and not replace
But Anstee cautions that insurance should augment, and certainly not replace, one’s security architecture: “Cybercrime insurance should provide another layer of protection – guarding you from the impact of a rapidly-evolving and very broad threat landscape. One should still have in place dedicated security solutions for DDoS attacks and all other known attack vectors.

“Having professional security solutions in place is important when engaging with insurers to correctly price cybercrime policies. The stronger the defence set-up, the lower the overall cybercrime insurance premium should be.”

Overall, he says that the introduction of insurance practices into the IT domain will help internal technical security professionals to better articulate the business cases and business value of security solutions.

“As business managers recognise the importance of comprehensive digital asset protection, they’ll see the benefits of a layered approach,” predicts Anstee, “here, strong technical security measures are followed-up by comprehensive cybercrime insurance.

“By combining both layers into one’s risk mitigation strategy, the business can ensure it’s fully protected against every eventuality.”


For more information about Arbor in Africa, please contact Bryan Hamman, , territory manager for Sub-Saharan Africa at Arbor Networks, at

About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business. To learn more about Arbor products and services, please follow us on Twitter @ArborNetworks. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal. Trademark Notice: Arbor Networks, the Arbor Networks logo and ATLAS are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.

Networks Unlimited, Chriselna Welsh, +27 (0) 11 202 8400,
icomm, Debbie Sielemann, +27 (0) 82 414 4633,,


Home    About Arbor Networks     Website



ITNewsAfrica logo

Download Button