The task of exact loss evaluation from a single DDoS attack is intricate, particularly if the specifics of your company are not considered. For example, mass media don't do direct sales, so their losses generally represent the damage to their reputation and decrease in their potential audience. However this most often affects the material losses, too. In the opposite, in case of billing systems the direct losses are relatively easy to evaluate, while damage to the brand may likely come visible much later. It is also difficult to forecast the impact of human factor - noone is safe from the mistakes of their own employees, even the most qualified ones.
We have attempted to construct a unified evaluation form for any kind of organization, which can give a sufficient view of potential losses scope, and, most important, the list of causes of the losses which will inevitably happen if the DDoS attack catches the company unprepared.