![[up]](/small/arrow.up.gif){kind=icon}
![[prev]](/small/arrow.left.gif){kind=icon}
![[next]](/small/arrow.right.gif){kind=icon}
Supernova, Santa Clara, CA, 24 June 2004
Decentralized Risk
SlidesAbstract
Decentralization is one of the main strengths of the Internet, permitting distributed ownership and operations. Yet decentralization combined with automation breeds epidemic risk:- $200M in fraud and theft losses in 2002 (CSI/FBI)
- $10B in worm and virus-related losses (Goldman-Sachs)
- $100B cyberhurricane risk per Fortune 500 company (mi2g)
Enterprises need such risk quantified so they can manage it, but they can't quantify it themselves. Quantification is needed of the underlying perils (hazards such as nonredundant links, periodic congestion, etc.) and anomalies (worms, viruses, cable cuts, etc.). A big picture view with sufficient detail may be able to see problems before they turn into crises.
Two other applicable risk management mechanisms are insurance policies and performance bonds. They are similar to California catastrophe bonds, utility bonds, and stock futures. Liability for software bugs may be an enabler.
Last changed: $Date: 2004/06/28 19:27:18 $
