A global telecom company suffered substantial damage from a DDoS attack, surprising its board and C-suite leaders, who had believed that they were well protected from DDoS attackers. The sudden attack brought their network down and in a waterfall effect, affected customer businesses across various industry segments including banking, retail, mobility, and even social media. A post-mortem of the attack brought out surprising findings but the most important one, across the board, was the limited importance attributed to DDoS attacks within the enterprise risk landscape.
Overall, enterprises engage sophisticated technologies to protect business assets and are committed to cybersecurity. Also, most enterprises remain confident that their mitigation solutions will ensure total protection from damaging DDoS attacks. The wake-up call comes when the organization is under an attack and by then it is often too late. One of the key reasons for this is that enterprises expect their existing defense solutions to protect them without realizing that DDoS is a different type of threat altogether and needs to be handled differently. A classic example in recent times is the New Zealand stock exchange DDoS attacks that brought down the exchange for several days. In the wake of the aftermath, its CIO who had served the company for over 11 years, resigned.
A clear understanding of the DDoS landscape, the threat factors, and the mitigation solution itself is required by all stakeholders in an enterprise. Without this understanding, the commitment is reduced, and the responsibility falls on a few to explain and suffer the consequences of an attack.
Here are 3 tips that can help CISO’s involve and engage stakeholders in the DDoS strategy:
DDoS is Not Just an IT Issue
DDoS mitigation is not an IT issue limited to bandwidth and networking. It is a global concern that affects business continuity, reputation, and customer loyalty, and therefore requires the complete engagement and involvement of business leaders. What could help is changing the discussions from DDoS mitigation to educating leaders about the implications of DDoS attacks. This would involve strategic information of the risk environment, and their personal obligations as stakeholders to stay committed to the ultimate DDoS protection strategy. McKinsey in a recent cybersecurity report says, “Business leaders and CISO’s must work together to identify and protect the “crown jewels”—those corporate assets that generate the most value for a company”. If the mind shift happens across all levels in an organization, the overall attitude to DDoS will shift from DDoS mitigation to DDoS protection.
Implications for Business
DDoS risk is not a static but a dynamic challenge with empowered mitigation solutions. The DDoS threat landscape is continuously shifting with new threats, new vulnerabilities, and new forms of attacks emerging almost on a day-to-day basis. For businesses, the impact of DDoS attacks is substantial both in the short and long terms. Short-term damages, for example, are costs associated with downtime/latency, and loss of immediate revenue, personnel costs associated with mitigating attacks. The long-term impact would be customer churn, regulatory repercussions, and compromised data. The blog `Calculate the Cost of DDoS Attacks' explains in detail the repercussions of DDoS attacks for enterprises.
Enterprises should remain convinced about the urgency to manage the threat landscape and invest in innovation by adopting technology solutions that provide preemptive protection. Protection instead of mitigation is key to ensuring DDoS protection irrespective of changes to the network or new DDoS threats. The conversation in boardrooms will then be `Glad to note that we are ensuring DDoS protection.’
Reactive Responses Post-Attack
Even with the most sophisticated DDoS mitigation and testing solutions deployed, most companies are left with major DDoS vulnerabilities. DDoS Mitigation security policies don't adapt to dynamic changes happening in the network, leaving around 50% of DDoS vulnerabilities undetected and therefore unprotected. Furthermore, mitigation solutions & infrequent Red Team DDoS testing are reactive, rather than automatically and continuously detecting and closing vulnerabilities.
Adding the RADAR™ layer to any mitigation system provides the ultimate DDoS protection. Customers enjoy continuous DDoS mitigation gap detection & remediation with no integration time and zero impact to ongoing IT systems. Where required, Red team testing is drastically cut due to full ongoing DDoS intelligence reports, and DDoS defenses are at their highest possible level. RADAR™ provides a far superior ROI and performance for DDoS mitigation, risk management, ongoing vulnerability elimination and infrequent Red team testing.
Israel-based MazeBolt is an innovation leader in cybersecurity, with over two decades of experience in pioneering DDoS protection solutions. The company’s new flagship product, RADAR™, is a patented, new technology. It offers DDoS protection through automated DDoS simulations on live production, with zero downtime. Working in conjunction with any mitigation solution installed. Its unique capabilities have ensured business continuity and full DDoS security posture for enterprises worldwide including Fortune 1000 & NASDAQ-listed companies.
RADAR™, is MazeBolt’s new patented technology solution and part of the MazeBolt security platform. It continuously & without disruption, detects all DDoS attack vectors. Delivering advanced intelligence, through straightforward reports on how to remediate the DDoS vulnerabilities found. With RADAR™, organizations achieve, maintain, and verify the continuous closing of their DDoS vulnerabilities. Dramatically maximizing the efficiency of any mitigation solution while providing the ultimate DDoS protection.