{"id":3385,"date":"2025-11-24T15:42:35","date_gmt":"2025-11-24T15:42:35","guid":{"rendered":"https:\/\/ribesalat.com\/?p=3385"},"modified":"2025-11-24T15:42:39","modified_gmt":"2025-11-24T15:42:39","slug":"black-friday-cyber-monday-christmas-digital-security","status":"publish","type":"post","link":"https:\/\/ribesalat.com\/en\/black-friday-cyber-monday-christmas-digital-security\/","title":{"rendered":"Black Friday, Cyber Monday and Christmas: when digital security is put to the test"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">E-commerce breaks new records every season, especially as dates like <strong>Black Friday, Cyber Monday and Christmas<\/strong> approach, surpassing previous highs in sales, web traffic and transactions. But as these figures rise, <strong>so too do technological incidents and fraud attempts. <\/strong>The risk curve spikes, forcing companies to react. Strengthening <strong>digital security<\/strong> has never been so essential.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In this regard, <strong>Rib\u00e9Salat<\/strong>, a global insurance and reinsurance broker with <strong>over 35 years of experience<\/strong>, analyses why <strong>digital security<\/strong> is so critical during these weeks, the types of incidents that recur each year, and the role of cyber insurance as a financial safety net to keep going when everything fails.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Increased traffic and technological pressure<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">At the end of the year, digital commerce plays \u201cthe match of the season\u201d. The figures speak louder than any theory: global digital sales on <a href=\"https:\/\/statistics.blackfriday\/\" target=\"_blank\" rel=\"noopener\"><strong>Black Friday<\/strong><\/a> <strong>2024 <\/strong>exceeded <strong>\u20ac64.282 billion<\/strong>, with projections for 2025 to grow <strong>between 5% and 11.6%<\/strong>, according to <a href=\"https:\/\/ecommerce-news.es\/las-ventas-online-durante-black-friday-y-cyber-monday-creceran-en-torno-a-un-10-en-la-campana-2025\/\" target=\"_blank\" rel=\"noopener\">Webloyalty<\/a>.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At the same time, traffic surges. <a href=\"https:\/\/www.cloudflare.com\/es-es\/\" target=\"_blank\" rel=\"noopener\">Cloudflare <\/a>data shows that e-commerce websites recorded an <strong>approximate 30% global increase<\/strong> during the Black Friday\u2013Cyber Monday weekend, a figure that is expected to rise <strong>25\u201335%<\/strong> in coming years. This surge in demand directly impacts <strong>digital security<\/strong> because:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>The web infrastructure is under strain<\/strong>: more simultaneous sessions, more cart and checkout operations, more database queries.<\/li>\n\n\n\n<li><strong>Payment gateways are operating at full capacity<\/strong>: peaks in card validations and anti-fraud systems.<\/li>\n\n\n\n<li><strong>The cloud and hosting absorb excess load<\/strong>: CPU, memory, bandwidth, and storage are approaching critical thresholds.<\/li>\n\n\n\n<li><strong>APIs and microservices are multiplying<\/strong>: inventory, logistics, recommendations, coupons, loyalty programmes, etc.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Even without an attack, failures appear:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>500 errors during peak traffic periods.<\/li>\n\n\n\n<li>Checkouts that fail to complete the payment process.<\/li>\n\n\n\n<li>Carts that \u201cdisappear\u201d due to session issues.<\/li>\n\n\n\n<li>Integrations with logistics leaving orders unrecorded.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Here, <strong>digital security<\/strong> is no longer just about preventing intrusions; it must ensure that key systems withstand the load and that, if something fails, the disruption does not sink the year\u2019s results or the teams responsible for business and security.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Critical dependence on external providers<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">For high-volume campaigns, the picture is clear: <strong>very few companies control their entire technology chain from start to finish. <\/strong>Most depend on multiple specialists:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CDN and WAF (e.g., Cloudflare).<\/li>\n\n\n\n<li>Cloud and hosting providers (AWS, Azure, etc.).<\/li>\n\n\n\n<li>Payment gateways (Redsys, Stripe, Adyen).<\/li>\n\n\n\n<li>Authentication platforms.<\/li>\n\n\n\n<li>Marketing automation and CRM tools.<\/li>\n\n\n\n<li>Logistics and last-mile providers.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">From a <strong>digital security<\/strong> perspective, this means that a failure in an external link can completely halt the flow of sales.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>When the provider goes down&#8230; the cash register stops<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Some situations repeat campaign after campaign:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CDN or hosting failure<\/strong><strong><br><\/strong>The website or app stops loading, or loads so slowly that the experience becomes frustrating.<br>Meanwhile:\n<ul class=\"wp-block-list\">\n<li>Investment in paid campaigns continues.<\/li>\n\n\n\n<li>Users abandon their cart and go to the competition.<\/li>\n\n\n\n<li>Support channels become overloaded.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Payment gateway failure<\/strong><strong><br><\/strong>When Redsys or another gateway experiences an incident:\n<ul class=\"wp-block-list\">\n<li>Payments are rejected or left &#8220;in limbo&#8221;.<\/li>\n\n\n\n<li>Duplicates and ghost carts increase.<\/li>\n\n\n\n<li>Fraudsters take advantage of the confusion.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>API and integration errors<\/strong><strong><br><\/strong>Problems between the e-commerce platform and:\n<ul class=\"wp-block-list\">\n<li>ERP and inventory.<\/li>\n\n\n\n<li>Coupon systems.<\/li>\n\n\n\n<li>Logistics platforms.<\/li>\n\n\n\n<li>Authentication mechanisms.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>The result: products marked as out of stock, duplicated orders, delivery delays, and customers unable to log in at key moments.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Most common incidents during these periods<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Digital security<\/strong> faces heightened risks during high-traffic seasons such as Black Friday and Christmas:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Cyberattacks during peak season<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">During <strong>Black Friday, Cyber Monday, and Christmas<\/strong>, attackers know that every minute of downtime is costly. The most common patterns are:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>DDoS attacks<\/strong> against the website or APIs, aiming to take the digital channel offline during peak hours.<\/li>\n\n\n\n<li><strong>Scraping bots and stock abuse<\/strong> to deplete key items artificially or steal pricing and promotion data.<\/li>\n\n\n\n<li><strong>Account takeovers<\/strong> using credentials leaked in other incidents.<\/li>\n\n\n\n<li><strong>Payment fraud<\/strong> by testing stolen card numbers during the highest-traffic campaigns.<\/li>\n\n\n\n<li><strong>Ransomware <\/strong>targeting e-commerce, ERP, or POS servers, capable of halting both physical and digital sales during the most profitable days of the year.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Seasonal phishing and smishing<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Phishing \u201cmasquerades\u201d as Black Friday or Christmas:&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>1. Fake websites in retail campaigns (phishing and typosquatting)<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">During Black Friday and Cyber Monday, fake websites imitating well-known brands proliferate. Typical examples in global campaigns:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201camaz0n\u2013deals.com\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cblackfriday-nike.shop\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201coutlet-zara.sale\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">These are mirror pages created to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Steal cards.<\/li>\n\n\n\n<li>Steal passwords.<\/li>\n\n\n\n<li>Place fraudulent orders.<\/li>\n\n\n\n<li>Install malware.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">There is also an increase in <strong>typosquatting <\/strong>(registering domain names that are common misspellings of popular websites to redirect users to malicious sites):<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">amaz0n.com<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">zarra.com<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">blackfridday.es<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">These domains are sold on the dark web or in closed forums as a quick entry point for fraud campaigns.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>2. Increase in cyberattacks on retail during Black Friday<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">The 2023\u20132024 reports confirm:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>30%<\/strong> rise in DDoS attacks against e-commerce during Black Friday (Cloudflare).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>22%<\/strong> rise in fraud attempts at checkout (Forter, Riskified).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>35%<\/strong> more \u201corder update\u201d phishing campaigns (IBM X-Force).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>17%<\/strong> rise in bots that lock up stock and saturate shopping carts (Kasada Security).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The main targets? Payment and checkout screens, inventory and logistics APIs, integrations with CRM and ERPs.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>3. What happens on the dark web during these campaigns&nbsp;<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">November and December see an increase in sales of:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Leaked e-commerce databases.<\/li>\n\n\n\n<li>Stolen Shopify, Magento, WooCommerce accounts.<\/li>\n\n\n\n<li>Administrator credentials.<\/li>\n\n\n\n<li>Payment cards (Carding).<\/li>\n\n\n\n<li>Scripts to clone retail websites.<\/li>\n\n\n\n<li>Bots to attack payment gateways.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">There is also a greater supply of \u201cfraud as a service\u201d (FaaS). Criminal groups rent out:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ready-to-use phishing campaigns.<\/li>\n\n\n\n<li>Website duplication kits.<\/li>\n\n\n\n<li>Bots that automate fake returns.<\/li>\n\n\n\n<li>Tools to bypass basic anti-fraud measures.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>&nbsp;4. How much is the stolen data worth? (Real, public and 100% secure ranges)<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">According to 2024 reports from Kaspersky, Trend Micro, Comparitech and Privacy Affairs:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Credit card (numbers only): \u20ac10\u201325.<\/li>\n\n\n\n<li>Full card + CVV: \u20ac15\u201340.<\/li>\n\n\n\n<li>PayPal account: \u20ac30\u2013120 depending on balance.<\/li>\n\n\n\n<li>E-commerce credentials: \u20ac1\u201310.<\/li>\n\n\n\n<li>Access to Shopify\/Magento\/Woo panel: \u20ac70\u2013500.<\/li>\n\n\n\n<li>Full details (name + ID + email + phone): \u20ac2\u20137 per record.<\/li>\n\n\n\n<li>Filtered retail database: \u20ac150\u20131,000 depending on size, country and sensitivity.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>5. \u201cCyberattacks on demand\u201d (services sold to criminal enterprises)<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">These are services contracted by third parties:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8211; Ransomware as a Service (RaaS): a criminal gang sets up the attack, the affiliate carries out the intrusion, and everyone receives a commission.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8211; DDoS on demand: pay per hour to take down rival websites (illegal, typical during BF\/CM).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8211; Stolen corporate credentials: sale of usernames and passwords of retail companies for subsequent attacks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8211; Compromise of gateways: scripts to manipulate real payment pages (Magecart, Skimmer JS).<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>6. Why does it go up so much on Black Friday and Cyber Monday?<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Because it&#8217;s the \u201cperfect storm\u201d:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Peak traffic.<\/li>\n\n\n\n<li>Overloaded devices.<\/li>\n\n\n\n<li>More transactions.<\/li>\n\n\n\n<li>Less attention.<\/li>\n\n\n\n<li>Sense of urgency (buy NOW).<\/li>\n\n\n\n<li>Many external providers at the same time.<\/li>\n\n\n\n<li>Dependence on gateways.<\/li>\n\n\n\n<li>More marketing = large attack surface.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Third-party and digital supply chain incidents<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Even if the incident involves a provider, the retailer suffers the impact. For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Mango, El Corte Ingl\u00e9s, Tendam<\/strong>: breaches at marketing or loyalty providers with an impact on customer and club data, which are precisely the engine of digital sales.<\/li>\n\n\n\n<li><strong>Auchan \/ Alcampo<\/strong>: incidents affecting internal and ordering systems, with an impact on daily operations.<\/li>\n\n\n\n<li><strong>Blue Yonder<\/strong>: ransomware in a supply chain software provider impacts inventory and product availability for global retailers.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Internal fraud and financial manipulation<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The peak sales season also multiplies internal risks. According to <a href=\"https:\/\/www.acfe.com\/-\/media\/files\/acfe\/pdfs\/rttn\/2024\/2024-report-to-the-nations.pdf\" target=\"_blank\" rel=\"noopener\">ACFE<\/a> (Association of Certified Fraud Examiners):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>37% of internal fraud is committed by entry-level employees.<\/li>\n\n\n\n<li>41% is committed by middle managers.<\/li>\n\n\n\n<li>19% of cases are perpetrated by owners\/executives (senior management).<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The most common schemes are:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Forged cheques.<\/li>\n\n\n\n<li>Invoice manipulation.<\/li>\n\n\n\n<li>Impersonation of suppliers.<\/li>\n\n\n\n<li>CEO fraud through false payment instructions.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Why vulnerability is higher between October and January<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Half of retailers (\u224852%) feel more vulnerable to cyberattacks in the last months of the year than at any other time. Let&#8217;s look at the reasons:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Revenue concentration<\/strong>: November and December can account for <strong>18\u201320%<\/strong> of annual retail sales, and even more in sectors such as fashion, electronics, or toys.<\/li>\n\n\n\n<li><strong>Operational peaks<\/strong>: more orders, more returns, greater pressure on logistics and back-office systems.<\/li>\n\n\n\n<li><strong>Staff under pressure<\/strong>: longer shifts, less rest, quick decisions\u2026 and a higher likelihood of human error in response to suspicious emails or calls.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Real incidents: when the campaign goes wrong<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Theory comes to life when looking at specific cases. Here are some examples that had a direct impact on revenue and reputation:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IKEA (Fourlis Group \u2013 Greece, Cyprus, Romania, Bulgaria)<\/strong><strong><br><\/strong>A ransomware attack just before Black Friday affected physical stores and the digital channel. Estimated losses were around \u20ac15\u201320 million in sales, including disrupted online orders and logistical issues.<\/li>\n\n\n\n<li><strong>Marks &amp; Spencer (United Kingdom)<\/strong><strong><br><\/strong>A ransomware attack forced the suspension of online and app orders for weeks. The retailer itself estimates up to \u20ac340 million in impact on operating profit and a notable reduction in digital business during the affected period.<\/li>\n\n\n\n<li><strong>Victoria&#8217;s Secret (United States)<\/strong><strong><br><\/strong>A security incident forced a temporary website shutdown and limited in-store services, suspending online orders and returns. Estimated losses were close to \u20ac17.3 million due to the impact of the incident.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Behind each case, there is a common denominator: <strong>digital security<\/strong> failed at the moment it was needed most, and the absence of an adequate financial buffer amplified the damage.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In <strong>Catalonia<\/strong>, the figures are equally striking: in 2024, <a href=\"https:\/\/bleta.io\/proteger-mayores-fraudes-black-friday\/\" target=\"_blank\" rel=\"noopener\"><strong>71,772 <\/strong><\/a>reports of cyber scams were recorded, according to the Ag\u00e8ncia de Ciberseguretat de Catalunya and ACCI\u00d3, making <strong>Catalonia the region with the most cases in the entire country<\/strong>. The National Cybersecurity Institute (INCIBE) reinforces this scenario: fraud attempts increase by more than 20% in November, coinciding with discount campaigns.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>The decisive role of cyber insurance during these periods<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>What does good cyber insurance cover?<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The <a href=\"https:\/\/ribesalat.com\/sectores\/tech\/\">cover <\/a>offered today is crucial to <strong>protect end-of-year campaigns<\/strong>:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Loss of income <\/strong><strong><em>(business interruption)<\/em><\/strong>\n<ul class=\"wp-block-list\">\n<li>Due to a security breach or cyberattack.<\/li>\n\n\n\n<li>Due to a system failure, even without an attack.<\/li>\n\n\n\n<li>Due to failure of a critical provider (payment gateway, cloud, CDN, logistics, APIs), whether technological or not.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Incident management<\/strong>\n<ul class=\"wp-block-list\">\n<li>Digital forensics and containment.<\/li>\n\n\n\n<li>System restoration and data recovery.<\/li>\n\n\n\n<li>Negotiation in ransomware cases.<\/li>\n\n\n\n<li>Operational support to recover orders and processes.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Data breaches and legal liability<\/strong>\n<ul class=\"wp-block-list\">\n<li>Cover against claims related to personal data.<\/li>\n\n\n\n<li>GDPR and other applicable regulations.<\/li>\n\n\n\n<li>Legal defence and, where permitted by law, insurable fines.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Reputation and crisis communication<\/strong>\n<ul class=\"wp-block-list\">\n<li>Specialised communication teams.<\/li>\n\n\n\n<li>Messages to clients, press releases, and social media management.<\/li>\n\n\n\n<li>Specific actions to restore trust in the digital channel.<\/li>\n\n\n\n<li>Consequential loss due to reputational damage.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Protection against fraud and social engineering<\/strong>\n<ul class=\"wp-block-list\">\n<li>Employee fraud.<\/li>\n\n\n\n<li>Impersonation of suppliers.<\/li>\n\n\n\n<li>Fake banking instructions and misleading transfers.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">In other words, cyber insurance becomes an integral part of the <strong>overall digital security strategy<\/strong>: it covers the economic impact, while the technical and business teams focus on restoring normal operations.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Why these dates are the \u201cmoment of truth\u201d<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The annual risk curve is compressed into just a few weeks. If an incident occurs during this period, <strong>the impact can be equivalent to months of activity. <\/strong>Without an adequate policy:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>The company alone bears the combination of:<\/strong>\n<ul class=\"wp-block-list\">\n<li>Loss of sales on key days.<\/li>\n\n\n\n<li>Technical and legal response costs.<\/li>\n\n\n\n<li>Reputational damage and loss of trust.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>A simple provider outage can translate into millions lost:<\/strong>\n<ul class=\"wp-block-list\">\n<li>Website inaccessible during Black Friday.<\/li>\n\n\n\n<li>Payment gateway blocked on the busiest weekend.<\/li>\n\n\n\n<li>Logistics provider paralysed in the last week of Christmas.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Attackers know that a 20-minute outage is worth millions&#8230;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>How to calculate what a 20-minute outage costs you&nbsp;<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The simplest way to calculate it is as follows:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 1 \u2014 Calculate your sales per minute<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Take your sales from Black Friday, Cyber Monday, or a major campaign day. Realistic example:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you sell \u20ac180,000 a day, do the following: \u20ac180,000 \/ 1,440 minutes = \u20ac125 per minute (1 day = 1,440 minutes)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But during campaigns, sales usually triple, so adjust:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">On Black Friday, you could sell:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u20ac500,000 \/ 1,440 = \u20ac347 per minute. That&#8217;s what <strong>\u201cyour minute is worth\u201d<\/strong>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 2 \u2014 Multiply by the number of minutes lost<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">If your website, payments, or CDN goes down for 20 minutes: \u20ac347 \u00d7 20 = \u20ac6,940 lost directly (not including unrecovered carts).<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 3 \u2014 Add the \u201cinvisible\u201d (but real) effect<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">An outage isn&#8217;t just about what you don&#8217;t sell; you also need to consider:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Permanently abandoned carts.<\/li>\n\n\n\n<li>Of 100 customers who leave\u2026 only <strong>20\u201330<\/strong> return.<\/li>\n\n\n\n<li>Loss of reputation.<\/li>\n\n\n\n<li>Paid campaigns (SEM\/Meta\/Ads) wasted.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cost of the incident.<\/li>\n\n\n\n<li>IT emergencies.<\/li>\n\n\n\n<li>Human hours.<\/li>\n\n\n\n<li>Customer support.<\/li>\n\n\n\n<li>Logistics penalties.<\/li>\n\n\n\n<li>Corrections of duplicate orders.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Guideline based on studies by IBM and Gartner:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Every euro lost in direct sales generates an additional <strong>3 to 5 euros<\/strong> in derived costs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>What does this look like in real numbers?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Conservative estimate:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Direct loss \u2192 \u20ac6,940<\/li>\n\n\n\n<li>Indirect costs (x3) \u2192 \u20ac20,820<\/li>\n\n\n\n<li>Actual total \u2192 <strong>\u20ac27,760 for 20 minutes<\/strong><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Very conservative estimate:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If your peak sales are higher, multiply. If you are in the fashion, electronics or food sector, the figure doubles.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition, it is important to note that we have not factored in potential <strong>multi-million euro penalties<\/strong> from legal liabilities or claims that a regulator or customer might make.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Without cyber insurance, a provider outage can cost millions<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Year after year, <strong>Black Friday, Cyber Monday, and Christmas<\/strong> campaigns will continue to break records in sales and traffic. Mature organisations understand that the key is not to ask whether something will fail, but to <strong>identify in advance<\/strong> where the next disruption might occur: the website, the checkout, a critical provider, integrations, or the systems supporting customer data.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A solid <strong>digital security<\/strong> strategy combines technical reinforcement, operational discipline, anti-fraud controls, and <strong>cyber insurance coverage<\/strong> that responds when something fails. You can count on <strong>Rib\u00e9Salat <\/strong>for this: we help businesses manage these risks by designing <strong>cyber insurance<\/strong> solutions tailored to the reality of each business and its digital channel.Now is the time to review your level of <strong>digital security<\/strong> and ensure your financial protection is up to standard. We invite you to <a href=\"https:\/\/ribesalat.com\/contacto\/\"><strong>speak <\/strong><\/a>with our specialised team, who, together with our network of strategic partners, will analyse your exposure, review your coverage, and design a bespoke solution so you can face these risks with greater confidence.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>E-commerce breaks records every season\u2014especially on Black Friday, Cyber Monday, and Christmas\u2014but the rise in sales also increases digital risks. Discover how this affects your business and how to protect yourself this season.<\/p>\n","protected":false},"author":15,"featured_media":3390,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[40,10],"tags":[],"class_list":["post-3385","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-insurance-and-financial-solutions","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/posts\/3385","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/comments?post=3385"}],"version-history":[{"count":2,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/posts\/3385\/revisions"}],"predecessor-version":[{"id":3387,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/posts\/3385\/revisions\/3387"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/media\/3390"}],"wp:attachment":[{"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/media?parent=3385"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/categories?post=3385"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ribesalat.com\/en\/wp-json\/wp\/v2\/tags?post=3385"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}