Akamai just released a new DDoS report, “Fighting the Heat, EMEA’s Rising DDoS Threats”.
The report identifies and highlights the critical need to continuously identify and remediate vulnerabilities in deployed DDoS defenses.
This pre-attack approach is a welcome and dramatic shift. This report seems to show that Akamai appreciates the need to shift its focus to pre-attack vulnerability identification and remediation, instead of waiting around and then passively triggering a manual SLA after a damaging attack starts.
The pre-attack approach described in the report is a requirement to avoid a reactive response scenario that results in financial losses and regulatory compliance scrutiny.
MazeBolt’s Analysis
The following are some notable quotes from the Akamai report with our analysis added:
“It’s crucial for businesses to implement robust security measures and routinely evaluate their applications and networks to avoid and mitigate cyberattacks.”
Comment: The Digital Operational Resilience Act (DORA) speaks about continuous testing of security controls. Regulators understand this is critical in avoiding damage and will penalize those that don’t continuously validate.
The report continues, with regard to the importance of implementing robust security measures and routinely evaluating applications and networks, “This is especially important to protect against DDoS attacks since they do not allow much reaction time.”
Comment: Critical point – the moment you must respond to an attack, the damage is done, and the automated defense has failed. Multi-vector attacks will ensure you’re in a reactive posture, if DDoS vulnerabilities are not identified and patched pre-attack in deployed protections.
“Additionally, DDoS attacks tend to target less well protected entities, which attackers identify through precise reconnaissance and testing. It is, therefore, important for organizations to establish efficient security procedures, as well as to have available business continuity and disaster recovery plans.”
Comment: The only way to avoid disaster recovery in DDoS, is to identify and remediate DDoS vulnerabilities proactively and continuously. The only way you can suffer from a successful attack once you have DDoS protection, is due to a DDoS vulnerability in the deployed protection.
“Combined, the new legislative measures and directives may provide some safety guardrails for organizations.”
Comment: This will also ensure mitigation vendors have strict SLAs on patching vulnerabilities identified in their protections – pre attack. A focus of more resources on pre-attack vulnerability remediation, rather than post attack damaging SLA responses, is required.
Mitigation vendors that have prioritized proactive identification and remediation of DDoS vulnerabilities will ensure the best DDoS security, regulatory compliance, and financial loss prevention for their customers. To date, F5 have prioritized DDoS vulnerability remediation in a predictable, systemic and reliable way for their DDoS mitigation services.
Organizations wanting to avoid a damaging DDoS attack should ask two simple questions:
- Do I have DDoS vulnerability reporting for my organization and regulators?
- What is my DDoS mitigation vendor’s SLA in remediating DDoS vulnerabilities identified pre-attack?
See more here: https://mazebolt.com/dtr/
