Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Increase in cyber attacks affects all sizes of companies

Arbor Networks : 01 April, 2015  (Special Report)
Darren Anstee, Director of Solutions Architects at Arbor Networks puts perspective on the cyber security landscape and shows it isn't just large companies that are at risk
Increase in cyber attacks affects all sizes of companies

From the attack on Sony to the Heartbleed vulnerability – we saw it all last year, and the continued proliferation of high-profile media stories on cyber-attacks in 2015 has ensured that security has stayed top-of-mind for many. However, while these news stories may have increased awareness of the more significant incidents and vulnerabilities, it is important to understand the scale and scope of the problem.  Attacks are happening all the time, and its not just the big brands that get hit.

Arbor Networks’ recent Tenth Annual Worldwide Infrastructure Security Report (WISR) highlights the key trends in the threat landscape and concerns facing organisations.  The report collates the observations and experiences of the operational security community, so it is a useful repository of data on the threats organisations have seen over the past year, what they have done about them and what they are concerned about for the future.

One of the key findings of the research was in relation to Distributed Denial of Service (DDoS) attacks - the number one threat to the availability of the Internet services that many of us now rely on.  DDoS attacks have continued to grow in size and frequency, with 2014 being a record-breaking year for large attacks. Over 150 attacks at over 100Gbps were monitored last year by Arbor’s ATLAS system, a 4x increase over 2013, and the ‘largest’ attack record was broken again, now standing at around 400Gbps. But it’s not just the large attacks that have become increasingly common, enterprise organisations involved in the research reported that 29% of attacks were of the stealthier, more complex application layer variety – and these are much harder to stop.

DDoS defence is hugely important for any organisation that has any reliance on Internet services that they either provide or utilise. And service providers are seeing increased awareness of this – with 70% of them seeing increased interest in DDoS protection services.  These services can mitigate attacks pretty quickly, 68% of service providers involved in the WISR research now able to mitigate an attack in less than 20 minutes. But we have to remember that service recovery times can be longer than this - especially if infrastructure is exposed to application layer or state-exhaustion attacks. This is why layered DDoS defences are so important; they can proactively block attacks as soon as they begin, and can remove the need to divert traffic if the attack doesn’t escalate above link capacity. The best solutions integrate network perimeter solutions with cloud DDoS protection services so that the perimeter component can ‘call for help’ automatically should an attack escalate.
 
Looking  more generally at the preparedness for all types of security incidents, again based on WISR data, it is interesting to note that despite the increased awareness of breaches and attacks only around a half of enterprise organisations feel well prepared for a cyber-incident, and 10% feel completely unprepared.  Technology is one thing, but a bigger issue for many organisations is people and process.

Most organisations suffer from a shortage of security resources, and that can make finding the time to rehearse incident response plans difficult. However, it is hugely important. Familiarity with the tools and people, both internally and externally, that can be called upon during an incident can really help. Using the right tools to facilitate event triage and the investigative process can improve the efficiency of security resources – allowing them to spend more time on higher value activities, such as rehearsing processes and threat hunting.

One thing is certain, as threats continue to evolve and more and more of our businesses become reliant on Internet services for day-to-day business activities, ensuring we invest appropriately in the technologies, people and processes that contribute to the security of our organisations is only going to get more important.  Having a good view of the threat landscape, and how it pertains to the businesses we work within, is something everyone needs.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo