Professional Documents
Culture Documents
áá
p
m
M Youƞre the risk manager of a financial institution
with a new web site
M Your insurance broker has provided you a quote
for new e-commerce risk insurance coverage:
$350,000 - $450,000 with low limits
M Your not exactly sure what the risks of the web
site are
M What to do?
i
Ô
0
ë
i !
Ñ"
#!
î
0
^
á
-
á
M áá ER developed a computer program to
model the economic performance of the e-
commerce infrastructure
M Used companyƞs performance statistics
M Used a áonte arlo simulation to produce
expected revenue and branding values
M Based on this quantification, valued the
potential losses of a series of scenarios
m
Flow of Information and quantification of failure probabilities
[
!
"# $ %% $$" ###"## $ "
! "
!%#$ #!!& mm
@
$
m
i
f rtici ti ks
lic ti fs
Às r c r riti
L
l s t ks
Prst v l f ic
l s
mÔ
M aenial of service
M hysical damage to hardware location
M New virus brings down complete system
M áalicious employee
M hreats/extortion
M heft of credit card numbers
m
a
M Attack causes a degradation of performance or
loss of service to web site
M Not covered under current coverage
M áodeling assumption: site down for 3 hours
M Àncome loss/ ustomer value loss
më
©
M Location of where hardware is kept is disabled
M overed under current insurance
M áodeling assumption: site down for 10 days
M Àncome loss/ ustomer value loss
M lient bankƞs lost revenue
m
{
M Not covered under current coverage
M áodel assumption: system down for 2 days
M Àncome loss/ ustomer loss
mî
á
M aestruction of important data or programs
M ost of recovery process covered under current
coverage
M Not modeled
M heft of policyholder info or other intangible
property
M Not covered under current coverage
m^
M hreat to commit a computer crime or to use
information gained from a computer crime in
exchange for money, personal gain or to
embarrass the company
M Would be covered under current kidnap and
ransom policies
m-
M a universe and Salesgate (e-mall)
M No credit card numbers are stored
m
$
Ô
ë
M aetermine Strategy
ü uess and onfessơ
Loss Leader
Self-Supporting
ranklin Approach
î
^
-
Ô
Ôm
Ô
Ô
Ôë
Ô
Ôî
Ô^
M º
Ô-
M º
m
ë
î
M aevelop áodel
^
-
üAttack of the Zombiesơ - ebruary,2000
áonday, ebruary 7
- 3 portal rendered inaccessible for 3 hours
uesday, ebruary 8
- i 90% inaccessible
- i incapacitated
- 95% inaccessible
- slowed to 5 minute access time
Wednesday, ebruary 9
- Ëa unreachable
- d slowed üto a crawlơ
- d 60% inaccessible
ë
ëm
á
[
á á[
[
ë
Ñ
ë
ë
ë
Ô Ô ë
ë
ë
©opularity
©rofile
©otential
ëë
eoys v. E*rade
ë
M ü3
ơ
- Yogi Berra
ëî