A global telecom company suffered substantial damage from a DDoS attack, surprising its board and C-suite leaders, who believed they were well protected from DDoS attackers. The sudden attack brought their network down and, in a waterfall effect, affected customer businesses across various industry segments, including banking, retail, mobility, and even social media. A post-mortem of the attack brought out surprising findings. Still, the most important across the board was the limited importance attributed to DDoS attacks within the enterprise risk landscape.
Enterprises use sophisticated technologies to protect business assets and are committed to cybersecurity. Also, most enterprises remain confident that their mitigation solutions will protect them from damaging DDoS attacks. The wake-up call comes when the organization is under attack; by then, it is often too late. One of the key reasons for this is that enterprises expect their existing defense solutions to protect them without realizing that DDoS is a different type of threat altogether and needs to be handled differently. A classic example in recent times is the New Zealand stock exchange DDoS attacks that brought down the exchange for several days. In the wake of the aftermath, its CIO, who had served the company for over 11 years, resigned.
All stakeholders in an enterprise require a clear understanding of the DDoS landscape, the threat factors, and the mitigation solution itself. Without this understanding, the commitment is reduced, and a few are responsible for explaining and suffering the consequences of an attack.
Three tips that can help CISO’s involve and engage stakeholders in the DDoS strategy:
DDoS is Not an IT Issue
DDoS mitigation is not an IT issue limited to bandwidth and networking. It is a global concern that affects business continuity, reputation, and customer loyalty and therefore requires business leaders’ complete engagement and involvement. What could help is changing the discussions from DDoS mitigation to educating leaders about the implications of DDoS attacks. This would involve strategic information on the risk environment and their obligations as stakeholders to stay committed to the ultimate DDoS protection strategy. McKinsey, in a recent cybersecurity report, says, “Business leaders and CISOs must work together to identify and protect the “crown jewels”—those corporate assets that generate the most value for a company.” If the mind shift happens across all organizational levels, the overall attitude to DDoS will shift from DDoS mitigation to DDoS protection.
Implications for Business
DDoS risk is not static but a dynamic challenge with empowered mitigation solutions. The DDoS threat landscape is continuously shifting, with new threats, new vulnerabilities, and new forms of attacks emerging almost on a day-to-day basis. For businesses, the impact of DDoS attacks is substantial both in the short and long term. Short-term damages, for example, are costs associated with downtime/latency, loss of immediate revenue, and personnel costs associated with mitigating attacks. The long-term impact would be customer churn, regulatory repercussions, and compromised data. The blog `Calculate the Cost of DDoS Attacks‘ explains in detail the consequences of DDoS attacks for enterprises. Enterprises should remain convinced about the urgency to manage the threat landscape and invest in innovation by adopting technology solutions that provide preemptive protection. Protection instead of mitigation is key to ensuring DDoS protection irrespective of changes to the network or new DDoS threats. The conversation in boardrooms will then be `Glad to note that we are ensuring DDoS protection.’
Reactive Responses Post-Attack
Even with the most sophisticated DDoS mitigation and testing solutions deployed, most companies are left with major DDoS vulnerabilities. DDoS Mitigation security policies don’t adapt to dynamic changes happening in the network, leaving around 50% of DDoS vulnerabilities undetected and, therefore, unprotected. Furthermore, mitigation solutions & infrequent Red Team DDoS testing are reactive rather than automatically and continuously detecting and closing vulnerabilities.
Adding the RADAR™ layer to any mitigation system provides the ultimate DDoS protection. Customers enjoy continuous DDoS mitigation gap detection & remediation with no integration time and zero impact on ongoing IT systems. Where required, Red team testing is drastically cut due to complete ongoing DDoS intelligence reports, and DDoS defenses are at their highest possible level. RADAR™ provides a far superior ROI and performance for DDoS mitigation, risk management, ongoing vulnerability elimination, and periodic Red team testing.
Israel-based MazeBolt is an innovation leader in cybersecurity with over two decades of experience in pioneering DDoS protection solutions. The company’s new flagship product, RADAR™, is a patented technology. It offers DDoS protection through automated DDoS simulations on live production with zero downtime. Working in conjunction with any mitigation solution installed. Its unique capabilities have ensured business continuity and full DDoS security posture for enterprises worldwide, including Fortune 1000 & NASDAQ-listed companies.
RADAR™ is MazeBolt’s new patented technology solution and part of the MazeBolt security platform. It continuously & without disruption detects all DDoS attack vectors. Delivering advanced intelligence through straightforward reports on how to remediate the DDoS vulnerabilities found. With RADAR™, organizations achieve, maintain, and verify the continuous closing of their DDoS vulnerabilities. Dramatically maximizing the efficiency of any mitigation solution while providing the ultimate DDoS protection.