New research from Corero
Network Security (CNS: LN) reveals that many businesses are failing
to take adequate measures to protect themselves against the threat of a
DDoS attack. A survey of 100 companies revealed that in spite of the
reports about the cost of downtime and the potential for DDoS attacks to
mask greater threats, businesses are failing to put in place effective
defenses or plans to mitigate the impact of a DDoS attack against their
organization. More than half of companies lack adequate DDoS defense
technology, and 44 percent of respondents have no formal DDoS attack
response plan.
The survey asked respondents about the effectiveness of their plans to
prevent, detect and mitigate the damage of a cyber attack including
examining their incident response plans from the standpoint of:
infrastructure, roles and responsibilities, technology, maintenance, and
testing. The findings revealed a lack of planning on multiple levels:
whilst nearly half of businesses lacked a formal DDoS response plan, the
problem was compounded by out of date network visibility as more than 54
percent of respondents have outdated or non-existent network maps.
Furthermore, approximately one in three businesses lacked any clear idea
of their normal network traffic volume, making it more difficult to
discern between routine traffic peaks or high traffic volumes that could
signal a DDoS attack.
Corero also found that many companies have under invested in their
security infrastructures and have done little to verify that the
solutions they have implemented will work when needed. Respondents are
continuing to rely on firewalls to mitigate the impact of DDoS attacks,
reaffirming the findings of previous surveys.
Approximately 40 percent of respondents depend on firewalls, while 41
percent have a dedicated DDoS defense technology in place. However, even
amongst those companies that had invested in DDoS defense technology,
many are failing to optimize the systems with regular tuning and
updating. Nearly 60 percent do not test their DDoS defenses regularly
with network and application-layer tests.
Beyond the technology implementations and planning, Corero’s survey also
found that nearly half of the businesses surveyed do not have a
dedicated DDoS response team. For the organizations that do have a team
in place, most of them do not have specifically defined roles and
responsibilities for responding to DDoS attacks. This lack of
preparation could lead to additional delays in initiating the
appropriate response, leaving the corporate network in the hands of
attackers until the response team coordinates its activities.
“With an increase in malicious attacks on organizations from cyber
criminals, ideological hacktivists, nation states and even competitors,
there is no foreseeable end in sight to the use of DDoS as a common
method of intentional disruption,” said Ashley Stephenson, CEO of Corero
Network Security. “It is concerning to see the lack of
preparedness of some businesses to a type of attack which has the
potential to cause significant lost revenues and serious brand damage.”
View an infographic of the survey results by visiting http://bit.ly/IqYsKl
To learn more about how Corero helps businesses around the world defend
themselves against DDoS attacks with its DDoS Defense System, visit http://www.corero.com/en/products_and_services/dds.
About Corero Network Security
Corero Network Security, an organization’s First Line of Defense®, is an
international network security company and a leading provider of
Distributed Denial of Service (DDoS) defense and next generation
security solutions. As the First Line of Defense, Corero’s products and
services stop attacks at the perimeter including DDoS, server targeted,
and zero-day attacks, protecting IT infrastructure and eliminating
downtime. Corero’s solutions are dynamic and automatically respond to
evolving cyber attacks, known and unknown, allowing existing IT
infrastructure – such as firewalls which are ineffective at stopping
much of today’s unwanted traffic at the perimeter – to perform their
intended purposes. For more information, visit www.corero.com.
Copyright Business Wire 2013