I try to look into my past to see where and when I learned the concept of risk. I go back to the different decades of my life where risk actually played different roles. As an infant, it was such as yes/no, good/bad and happy/sad time. In my childhood and formative years, my cognitive skills, and perhaps my negotiation skills came to play, but even then it was all about getting what I wanted…consequences be damned. My 20’s were quite a learning experience, but even then I wasn’t thinking about long-term outcomes. I was immortal, and any mistake I made would be forgiven and would become a learning experience. I suppose my 30’s (as I age myself in this blog) were when I decided to measure the outcomes before making a decision.
So I ask you this question: Why do businesses act like 20-somethings? Why do so many businesses feel that all the threats out there are meant for others? I seem to hear more times than not, “It won’t happen to our company, because…” when I should be hearing “Why does this always happen to us?” No one is immune, and no one should be in denial.
But if you are working towards a mature security and network infrastructure, and you are constantly updating your strategy and posture, then read on, because I would like to talk to you about one of the most dangerous security threats that can create a cascading effect of security breaches if not addressed the correct way: DDoS mitigation. This may not be a buzzword, but it deserves more attention. Not addressing your DDoS risk is like comparing your network to the story of The Emperor’s New Clothes.
Let me provide you with three reasons behind DDoS attacks infiltrating your network that you should be aware of, and prepared against:
The DDoS Threat Has Changed
I won’t go into the different categories of DDoS attacks, but I will say that the attack types have never been more diverse and nefarious. What makes them even more dangerous is the fact that multiple attack types in conjunction with other attack threats are being used in unison. This methodology is used to find security gaps on the network that can be exploited, and to exhaust the network and network resources, acting as a smokescreen to deflect attention away from the nefarious activities happening behind that ‘screen.’ Basically, DDoS attacks are being used as part of a much larger attack campaign. This change has unique.
The majority of enterprises that have DDoS mitigation solutions in place rely on their network operations teams to manage and use these solutions, along with firewalls, routers, load balancers, etc. Back when DoS attacks were more of a nuisance, this organization’s strategy was effective as its pure intent was to keep the network pipes running. As mentioned earlier, DoS attacks are more times than not being used as a part of a larger security threat to the network, and as such, the network operation team does not have the capacity or capability to focus on the entire attack. This gap between network and security operations can very easily be exploited. Better alignment, if not a consolidation between these two teams should be part of your overall security posture and improvement strategy.
The Cost & Risk Analysis of an Attack Has Changed
When you are dealing with more than a single attack vector, the reasoning and use cases of an attack become very diverse, and the costs to mitigate and recover, as well as the values assigned to the risk factors increase. At inception, DoS attacks were used as a way to prohibit access to a network. This caused outages and the inability to move product via the web. Downtime was your single largest cost. In today’s environment, the costs ranges from downtime, to damaged equipment, customer data, and even corporate IP.
Not only have the attack types changed and advanced over time, the use cases for “the network” are different. Just three years ago, most enterprises were experimenting with virtualization and “some” cloud applications. Today, enterprises have accelerated beyond cloud-based applications and are looking at software-defined networks (SDN) and network function virtualization (NFV). As we embrace these advancements, we must recognize that they bring new complexity and risk to the infrastructure. The faster we move towards technology adoption, the more pragmatic we must be when it comes to security posture. We must accept the fact that we are increasing our risk, while we look at technologies that address the most obvious and common attack tactics.
The Reality of Addressing Security Threats HAS NOT Changed
This is a bad thing. What I mean by the reality not changing is the fact that the views have changed, but the reality is that businesses are not making that shift to address the newer and greater threats. We know it is real, and we know we have to do something about it, but the reality is that we have not made the change, or have changed enough.
The reasons for this are varied and long on a list, but the reality is that without change, business sustainability is impossible. Network operations and security operations teams must learn to communicate and share their information and resources. Management must face the reality that their teams will not be able to grow, as there will be a shortage of technologist in the coming years. Executives must accept the fact that they spend way too much on existing technologies and maintenance, and not enough where it matters. The risks associated to old thinking are too high. DDoS attacks are just one of many attack types that can cause irreparable harm to your brand and your revenue. It is a big one, but just one…and one to start with when making the necessary changes to your approach to network security maturity.
So the next time you think that the associated risks are too small, or that an attack like DDoS will not, or cannot happen to you…then think again. To better understand the risks, and to learn from the mistakes from other enterprises, read our solution brief titled “New Business Risks of ‘Never Happen to Me.’” Just don’t say I didn’t warn you.
The post Don’t say I didn’t warn you! appeared first on Arbor Insights - Our People, Products and Perspective.