The Risk vs. Cost of Enterprise DDoS Protection
|
|
- Stephany Richard
- 8 years ago
- Views:
Transcription
1 WHITE PAPER The Risk vs. Cost of Enterprise DDoS Protection How to Calculate the ROI from a DDoS Defense Solution 1
2 Every day, we hear more about distributed denial of service (DDoS) attacks. DDoS attacks can impact organizations of all sizes and across all industries, while disabling infrastructure resources, applications, and business operations. An effective DDoS defense system can safeguard business operations against DDoS-related outages. This paper provides a simple, step-by-step approach for evaluating the financial return on investing in a DDoS defense system. Using industry averages for attack frequency and outage costs, the results show that investing in an effective DDoS protection system, such as Bright House Networks Enterprise Solutions DDoS Mitigation, provides a strong positive ROI and lowers financial risk. Understanding the Risk of Attack Few studies focus on the probability that a business will experience a DDoS attack of significant impact. However, survey information from Forrester Research and Arbor Networks provides insight into the risk of such an attack. Forrester Research conducted a survey of 400 companies with significant online operations. 1 The survey s objective was to gather basic information on the DDoS threat to these businesses, which included online financial services, media, news, political sites, gaming, entertainment, web hosting, and ecommerce. Among the results, over 70% reported at least one DDoS attack in the previous 12 month period. Attack durations were highly variable, but the most common duration for attacks that had operational and business impact was two to six hours. Arbor Networks annual Worldwide Infrastructure Security Report 2 is an excellent source of more detailed information on the frequency and nature of DDoS attacks on Internet service providers (ISPs) and Internet data centers (IDCs). Based on the responses from 287 service providers, hosting companies, and enterprises, survey data shows that these organizations are experiencing a high frequency of DDoS attacks equating to multiple attacks per month (see Figure 1). Figure 1: Attack Frequency 6% 0 7% % % % % % More than 500 2
3 % of Survey Respondents McAfee 3 also surveyed IT and security executives from seven industry sectors and found the frequency and impact of DDoS attacks to be similar to those reported by Arbor. Arbors more recent survey in October 2014 reveals nearly half of enterprise, government, and education respondents seeing DDoS attacks during the survey period, with almost 40 percent of those seeing their Internet connectivity saturated. Just over a third of respondents indicated an increase in security incidents in 2014, with about half indicating similar levels to the previous year 4. The most frequently observed threats targeting enterprise, government, and education respondents are DDoS attacks, accidental data loss, and bottled or otherwise compromised hosts. Each of these categories garnered around a third of respondents (see Figure 2). This data clearly indicates that DDoS attacks are now seen as one of the top threats to enterprise, government, and educational organizations. This backs up anecdotal information, outside of this survey, indicating that a growing proportion of these organizations are looking for DDoS defenses. Figure 2: Most Significant Operational Threats 39% Internet connectivity congestion due to DDoS attack 33% Accidental data loss 32% Botted or otherwise compromised hosts on your corporate network 26% Accidental major service outage 26% Internet connectivity congestion due to genuine traffic growth/spike 18% Advanced Persistent Threat (APT) on corporate network 18% Exposure of sensitive, but non-regulated data 17% None of the above 15% Web defacement 13% Exposure of regulated data 13% Theft 12% Malicious insider 9% Industrial espionage or data exfiltration 8% Other The capacity to unleash a large DDoS attack is available to anyone simply by renting a botnet. Table 1 shows the results of a survey on botnet rental pricing. In short, the resources needed to carry out large-scale DDoS attacks are low cost and readily available. 3
4 Table 1: Botnet Rental Pricing PRICE DURATION HOURS BANDWIDTH MBPS $ $ $ $ $ $ ,000 $ ,000 $ ,000 $ ,000 $ ,750 $1, ,750 $5, ,750 $6, ,750 Botnets are not the only source of DDoS attacks. Social media sites can coordinate large numbers of willing users to carry out DDoS attacks as illustrated by the WikiLeaks inspired attacks in late Coordinated through Twitter, large numbers of end users downloaded a simple attack tool and directed attacks at numerous companies deemed complicit in interfering with what the users viewed as the legitimate activities of WikiLeaks. These attacks successfully targeted high profile companies, including PayPal, MasterCard, and Visa. The attacks went both ways as well. The provider hosting WikiLeaks had to remove the site from its infrastructure because DDoS attacks directed at WikiLeaks were impacting service to all its customers. The overall impact of a DDoS attack is a function of the time it takes to detect the attack, the time needed to mitigate it and the extent of service degradation both before and after mitigation. For many, detection consists of simply waiting for an attack to occur, and mitigation consists of dropping all traffic destined to the resource under attack. This is far from what mitigation should be. How quickly organizations respond to detected threats is hugely important, and has been highlighted as an issue in other studies. Arbor Networks 2014 Worldwide Infrastructure Security Report 4 asked organizations to estimate their average response times to security incidents. Enterprise, government, and educational organizations reported impressive response times (Table 2), although they are generally slower than those of service provider organizations. Table 2: Incident Response Time MINIMUM MAXIMUM AVERAGE Time from compromise to discovery 10 minutes 6 months 1 week Time from discovery to internal reporting 1 second 1 month 1 day Time from reporting to resolution 30 minutes 6 months 1 week 4
5 % of Survey Respondents About two-thirds of organizations reported having both an incident response plan and at least some dedicated resources (Figure 3). Fifteen percent of respondents indicated having no plans or resources, while another 18 percent have plans but no resources. Figure 3: Incident Response Posture 46% We have an incident handling plan with limited resources 18% We have an incident handling plan with a well resourced team 17% We have an incident handling plan with no dedicated resources 15% We do not have an incident handling plan or team 4% Incident response is outsourced to a third-party organization/service Understanding the Cost of an Attack Organizations observed a number of different business impacts as a direct result of DDoS attacks. About half cited operational expenses (Figure 4) and nearly 40 percent indicated reputation or customer loss due to DDoS attacks. One-fifth indicated direct revenue loss, with other impacts including employee turnover and stock price fluctuation. The costs associated with DDoS attacks are multi-faceted, and organizations should factor all of these into their calculations when looking at their investment strategies for defensive solutions. Figure 4: Business Impact of DDoS Attacks 49% Operational expense 37% Reputation damage/customer loss 20% Revenue loss 8% Employee turnover 4% Stock price fluctuation 2% Loss of executive or senior management 18% Other The cost of outages due to DDoS attacks is comprised of operational costs and revenue impacts. Lower-impact and lower-duration attacks may result only in added operational costs. Higher impact attacks will also negatively affect revenues as business operations are partially or fully impaired. The elements contributing to the overall cost of DDoS consist of some or all of the following: 5
6 Personnel time spent addressing and recovering from the outage Incremental help desk expenses Lost sales Customer credits and refunds Lost employee productivity Cost of customer defections and lost or missed sales Degradation of reputation resulting in higher customer acquisition costs and a lower rate of business growth The specifics of how outages result in financial losses vary with the type of business. Businesses that are transactional in nature, such as ecommerce, suffer loss as the result of lost sales that are not made up later and lost future business as customers go to alternative suppliers on an ongoing basis. A generic approach to calculating cost regardless of business type can be based on the annual company revenue and the percent dependence of the business on the IDC. Some businesses, such as ecommerce, are effectively closed when their data center is unavailable while other businesses can partially function during an outage. However, for virtually all businesses, the impact of an outage increases exponentially with the length of the outage. For example, 40% of businesses surveyed reported that a 72 hour outage would put their survival at risk. 5 Such impacts that extend beyond the period of the outage itself can be accounted for as lost future business. Table 3 illustrates this generic approach to estimating the cost of DDoS induced outages using an example of a business fully reliant on its IDC and with $50M in annual revenue. Table 3: Modeling Cost of Outages Due to DDoS ATTACK DURATION HOURS OPERATIONS #hours x # staff x cost/person/hour HELP DESK # hours x calls/hour x cost/call LOST CURRENT REVENUE Enterprise revenue x % business loss x outage duration LOSS OF FUTURE BUSINESS Present value of 1 year lost growth TOTAL COST PER ATTACK x 4 x $75 4 x 25 x $20 $50m / 8760 x 4 0% x $50m x 2.49 $26, x 4 x $75 9 x 25 x $20 $50m / 8760 x 9 0% x $50m x 2.49 $58, x 4 x $75 18 x 25 x $20 $50m / 8760 x % x $50m x 2.49 $428, x 4 x $75 30 x 25 x $20 $50m / 8760 x % x $50m x 2.49 $817,773 Combining the DDoS attack risk profile with attack cost estimates produces the expected cost over three years, as shown in Table 4. Table 4: Three Year Expected Cost of DDoS Attacks ATTACK DURATION HOURS EXPECTED NUMBER OF ATTACKS OVER 3 YEARS COST PER ATTACK EXPETCED COST OVER 3 YEARS $26,031 $49, $58,570 $81, $428,390 $385, $817,773 $245,320 TOTAL EXPECTED COST $762,327 6
7 This cost can now be compared to the alternative of investing in a high quality cloud-based DDoS defense system, which can be expected to eliminate the extraordinary expenses of dealing with DDoS attacks through traditional methods (e.g., black holing customer traffic, removing domains, etc.). The cost of an effective hosted DDoS protection solution is generally a function of mitigation capacity that is, how much attack traffic the device can handle. This example assumes that a system capable of mitigating 2.5 Gbps is sufficient and can be purchased for $3,000 MRC (monthly recurring cost). Using the data above, Table 5 shows the cost-savings of a three year investment in a cloudbased DDoS defense system. Table 5: Cost-savings of a DDoS Defense Solution 3 Year Investment in Cloud-Based DDoS $3,000 MRC $108,000 3 Year Expected Cost of DDoS Attacks $762,327 Total Cost-Savings Over 3 Years $654,327 Payback 5.1 Months Choice of DDoS protection solution matters. Traditional perimeter security products, such as firewalls and intrusion prevention systems (IPS), are unable to address the DDoS threat to availability. The attack traffic has already reached the network by the time it hits the firewall. A cloud-based DDoS defense system captures the traffic in the providers network mitigating the threat and ensuring business operations continue as usual. To realize the projected benefits of deploying a DDoS mitigation solution, due diligence is needed on the part of the technical staff when selecting a solution. DDoS Mitigation from Bright House Networks Enterprise Solutions protects an organization from DDoS attacks by removing the threat before it reaches the network, ensuring business continuity. Battling multi-vector DDoS attacks requires a full array of mitigation tools and security expertise, which could cost hundreds of thousands to set up internally. Investing in a high-quality cloud-based defense system like DDoS Mitigation can reduce capital expenditures, labor costs, and eliminate false positive alerts that add to the cost and workload of internal staff. An added advantage to the Enterprise Solutions service is network ownership end-to-end, allowing a single point of accountability and response to incidents. Conclusion The volume, intensity, and frequency of DDoS attacks all continue to grow. Any organization with a significant web presence or that is reliant on Internet connectivity for business continuity, is a potential target and should consider the protection levels required to maintain normal business activity. Given the high bandwidth capacity needed to handle today s volumetric attacks, the cost and complexity of DDoS protection, and the expertise needed to stay up to date on the latest threats, tackling DDoS attacks on one s own can be a daunting challenge for an organization. Bright House Networks Enterprise Solutions DDoS Mitigation addresses network and service DDoS protection requirements for the enterprise providing the traffic visibility and actionable intelligence into threat activity to help secure network services and improve performance. 7
8 For more information and resources visit Bright House Networks Enterprise Solutions at www. or call References 1 The Trends and Changing Landscape of DDoS Threats and Protection, Forrester Consulting, July Worldwide Infrastructure Security Report, Arbor Networks, January In the Crossfire: Critical Infrastructure in the Age of Cyber War, Authors: Stewart Baker, distinguished visiting fellow at CSIS and partner at Steptoe & Johnson; Shaun Waterman, writer and researcher, CSIS; George Ivanov, researcher, CSIS; McAfee, Worldwide Infrastructure Security Report, Arbor Networks, October Ontrack-2001 Cost of Downtime Survey Results, Bright House Networks. Some restrictions apply. Serviceable areas only. Service provided at the discretion of Bright House Networks. 8
Distributed Denial of Service (DDoS) attacks. Imminent danger for financial systems. Tata Communications Arbor Networks.
Distributed Denial of Service (DDoS) attacks Imminent danger for financial systems Presented by Tata Communications Arbor Networks 1 Agenda Importance of DDoS for BFSI DDoS Industry Trends DDoS Technology
More informationProtect your network: planning for (DDoS), Distributed Denial of Service attacks
Protect your network: planning for (DDoS), Distributed Denial of Service attacks Nov 19, 2015 2015 CenturyLink. All Rights Reserved. The CenturyLink mark, pathways logo and certain CenturyLink product
More informationService Description DDoS Mitigation Service
Service Description DDoS Mitigation Service Interoute, Walbrook Building, 195 Marsh Wall, London, E14 9SG, UK Tel: +800 4683 7681 Email: info@interoute.com Contents Contents 1 Introduction...3 2 An Overview...3
More informationAKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.
CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE. Threat > The number and size of cyberattacks are increasing rapidly Website availability and rapid performance are critical factors in determining the success
More informationWhite Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation
White Paper Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation Table of Contents Introduction... 3 Common DDoS Mitigation Measures...
More informationMitigating Denial of Service Attacks. Why Crossing Fingers is Not a Strategy
Mitigating Denial of Service Attacks Why Crossing Fingers is Not a Strategy Introduction Mark Baldwin - Owner of Tectonic Security MSSP and Security Consulting Primarily Work With SMBs DDoS Mitigation
More information2012 Infrastructure Security Report. 8th Annual Edition Kleber Carriello Consulting Engineer
2012 Infrastructure Security Report 8th Annual Edition Kleber Carriello Consulting Engineer Key Findings in the Survey* Advanced Persistent Threats (APT) a top concern for service providers and enterprises
More informationArbor s Solution for ISP
Arbor s Solution for ISP Recent Attack Cases DDoS is an Exploding & Evolving Trend More Attack Motivations Geopolitical Burma taken offline by DDOS attack Protests Extortion Visa, PayPal, and MasterCard
More informationSecurity Solutions for the New Threads
Security Solutions for the New Threads We see things others can t Pablo Grande Sales Director, SOLA pgrande@arbor.net What a CISO Is Looking For Show Progress on Response Time Measurably improve our incident
More informationSecurityDAM On-demand, Cloud-based DDoS Mitigation
SecurityDAM On-demand, Cloud-based DDoS Mitigation Table of contents Introduction... 3 Why premise-based DDoS solutions are lacking... 3 The problem with ISP-based DDoS solutions... 4 On-demand cloud DDoS
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox Secure DNS Solution mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate queries.
More informationWHITE PAPER Hybrid Approach to DDoS Mitigation
WHITE PAPER Hybrid Approach to DDoS Mitigation FIRST LINE OF DEFENSE Executive Summary As organizations consider options for DDoS mitigation, it is important to realize that the optimal solution is a hybrid
More informationSafeguard Your Internet Presence with Sophisticated DDoS Mitigation
Singtel Business Product Factsheet Brochure Managed Defense DDoS Protection Services Services Safeguard Your Internet Presence with Sophisticated DDoS Mitigation The Internet age has made every company
More informationMan, Machine and DDoS Mitigation
Man, Machine and DDoS Mitigation The case for human cyber security expertise Automated DDoS mitigation poses risks Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances Today s DDoS
More informationCloud Security In Your Contingency Plans
Cloud Security In Your Contingency Plans Jerry Lock Security Sales Lead, Greater China Contingency Plans Avoid data theft and downtime by extending the security perimeter outside the data-center and protect
More informationDISTRIBUTED DENIAL OF SERVICE OBSERVATIONS
: DDOS ATTACKS DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS 1 DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS NTT is one of the largest Internet providers in the world, with a significant share of the world s
More informationSecuring data centres: How we are positioned as your ISP provider to prevent online attacks.
Securing data centres: How we are positioned as your ISP provider to prevent online attacks. Executive Summary In today s technologically-demanding world, an organisation that experiences any internet
More informationDDoS Attack Mitigation Report. Media & Entertainment Finance, Banking & Insurance. Retail
DDoS Attack Mitigation Report Media & Entertainment Finance, Banking & Insurance Retail DDoS Attack Mitigation Report Media & Entertainment Attack on Spanish-Language News Site is Abandoned When Traffic
More informationSHARE THIS WHITEPAPER. On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper
SHARE THIS WHITEPAPER On-Premise, Cloud or Hybrid? Approaches to Mitigate DDoS Attacks Whitepaper Table of Contents Overview... 3 Current Attacks Landscape: DDoS is Becoming Mainstream... 3 Attackers Launch
More informationDDoS Attacks in the United Kingdom
Neustar Insights DDoS Attacks in the United Kingdom 2012 Annual Trends and Impact Survey Contents Survey Findings, 2012 2011 Survey Methodology 3 Frequency of Attacks 3 Introduction In both 2011 and 2012,
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate
More informationLimiting the Damage from a Denial of Service Attack
April 25, 2014 Limiting the Damage from a Denial of Service Attack From the Experts Andrew M. Hinkes, Corporate Counsel In early 2013, a wave of denial of service (DoS) attacks reportedly caused U.S. banks
More informationImperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers
How to Protect Your from Hackers Web attacks are the greatest threat facing organizations today. In the last year, Web attacks have brought down businesses of all sizes and resulted in massive-scale data
More informationSHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper
SHARE THIS WHITEPAPER Top Selection Criteria for an Anti-DDoS Solution Whitepaper Table of Contents Top Selection Criteria for an Anti-DDoS Solution...3 DDoS Attack Coverage...3 Mitigation Technology...4
More informationManage the unexpected
Manage the unexpected Navigate risks and thrive Today s business world is threatened by a multitude of online security risks. But many organizations simply do not have the resources or expertise to combat
More informationCutting the Cost of Application Security
WHITE PAPER Cutting the Cost of Application Security Web application attacks can result in devastating data breaches and application downtime, costing companies millions of dollars in fines, brand damage,
More informationDENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE THREAT OF DDOS ATTACKS IT SECURITY RISKS SPECIAL REPORT SERIES
DENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world
More informationWHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?
WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationCHAPTER 4 : CASE STUDY WEB APPLICATION DDOS ATTACK GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: CASE STUDY WEB APPLICATION DDOS ATTACK 1 WEB APPLICATION DDOS ATTACK CASE STUDY MORAL Ensuring you have DoS/DDoS protection in place, before you are attacked, can pay off. OVERVIEW XYZ Corp (name changed
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationUnknown threats in Sweden. Study publication August 27, 2014
Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large
More informationManaging IT Security with Penetration Testing
Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to
More informationSecuring Your Business with DNS Servers That Protect Themselves
Product Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to
More informationFirst Line of Defense to Protect Critical Infrastructure
RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationSecuring Your Business with DNS Servers That Protect Themselves
Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate
More informationHow To Protect A Dns Authority Server From A Flood Attack
the Availability Digest @availabilitydig Surviving DNS DDoS Attacks November 2013 DDoS attacks are on the rise. A DDoS attack launches a massive amount of traffic to a website to overwhelm it to the point
More informationOn-Premises DDoS Mitigation for the Enterprise
On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has
More informationDAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES
DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world
More informationDDoS Attack and Its Defense
DDoS Attack and Its Defense 1 DDoS attacks are weapons of mass disruption. The DDoS attack has long been a big main threat to security of the Internet. It is not expensive and easy to be used for achieving
More informationKASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks
KASPERSKY DDOS PROTECTION Discover how Kaspersky Lab defends businesses against DDoS attacks CYBERCRIMINALS ARE TARGETING BUSINESSES If your business has ever suffered a Distributed Denial of Service (DDoS)
More informationDNS Server Security Survey
EXECUTIVE BRIEF DNS Server Security Survey Sponsored by: EfficientIP Romain Fouchereau June 2014 INTRODUCTION With most organizations having some business linked to and more importantly relying on an online
More informationAdvanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series
Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series Whitepaper Advanced Threat Detection: Necessary but Not Sufficient 2 Executive Summary Promotion
More informationDebunking Myths About DDoS Attacks: Radware 2011 Global Security Report.
Debunking Myths About DDoS Attacks: Radware 2011 Global Security Report. Mick Stephens, General Manager - Australia & New Zealand, Radware Ltd. March 2012 AGENDA About 2011 Global Security Report Key Findings:
More informationAdvanced Threats: The New World Order
Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC
More informationStop DDoS Attacks in Minutes
PREVENTIA Forward Thinking Security Solutions Stop DDoS Attacks in Minutes 1 On average there are more than 7,000 DDoS attacks observed daily. You ve seen the headlines. Distributed Denial of Service (DDoS)
More informationImpact of Cybersecurity Innovations in Key Sectors (Technical Insights)
Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationMalware isn t The only Threat on Your Endpoints
Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks
More informationSecurity strategies to stay off the Børsen front page
Security strategies to stay off the Børsen front page Steve Durkin, Channel Director for Europe, Q1 Labs, an IBM Company 1 2012 IBM Corporation Given the dynamic nature of the challenge, measuring the
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationDDoS Attacks Advancing and Enduring: A SANS Survey
DDoS Attacks Advancing and Enduring: A SANS Survey A SANS Analyst Survey Written by John Pescatore February 2014 Sponsored by Corero Network Security 2014 SANS Institute Executive Summary Distributed denial
More informationHope is Not a Strategy
Neustar Insights Hope is Not a Strategy 2012 Annual DDoS Attack and Impact Survey: A Year-to-Year Analysis Contents Survey methodology 3 Frequency of attacks 3 Financial impact 4 Attack size 5 Length of
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationTLP WHITE. Denial of service attacks: what you need to know
Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...
More informationDDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION
DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION Stephen Gates Chief Security Evangelist Corero Network Security Session ID: SEC-W04 Session Classification: Intermediate Recent Headlines Are Denial of
More informationwww.prolexic.com Stop DDoS Attacks in Minutes
www.prolexic.com Stop DDoS Attacks in Minutes Prolexic gives us the strong insurance policy against DDoS attacks that we were looking for. Mark Johnson, Chief Financial Officer, RealVision You ve seen
More informationDDoS DETECTING. DDoS ATTACKS WITH INFRASTRUCTURE MONITORING. [ Executive Brief ] Your data isn t safe. And neither is your website or your business.
[ Executive Brief ] DDoS DETECTING DDoS ATTACKS WITH INFRASTRUCTURE MONITORING. Your data isn t safe. And neither is your website or your business. Hacking has become more prevalent and more sophisticated
More informationApplying machine learning techniques to achieve resilient, accurate, high-speed malware detection
White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division
More informationProtecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall
Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall A FORTINET WHITE PAPER www.fortinet.com Introduction Denial of Service attacks are rapidly becoming a popular attack vector used
More informationHow To Mitigate A Ddos Attack
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT ISSUE 3 3RD QUARTER 2014 CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS 4 Mitigations by Attack Size 4 Mitigations by Industry 5
More informationExecutive Suite Series An Akamai White Paper
An Akamai White Paper Plan vs. Panic: Making a DDoS Mitigation Playbook Part of Your Incident Response Plan Introduction When a huge Distributed Denial-of-Service (DDoS) attack took down the Website of
More informationFour Steps to Defeat a DDoS Attack
WHITE PAPER Four Steps to Defeat a DDoS Attack Millions of computers around the world are controlled by cybercriminals. These computers, infected with bot malware, automatically connect to command and
More informationDistributed Denial of Service protection
Distributed Denial of Service protection The cost in terms of lost business caused by a successful DDoS attacks can be significant. Our solution recognises when a DDoS attack is happening and identifies
More informationBeing Ready to Face DDoS Challenge. Vodafone Power to you. DDoS
Being Ready to Face DDoS Challenge Vodafone Power to you DDoS 02 Introduction With competitive pressures intensifying and the pace of innovation accelerating, recognising key trends, understanding their
More informationHow To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)
McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload
More informationHow Cisco IT Protects Against Distributed Denial of Service Attacks
How Cisco IT Protects Against Distributed Denial of Service Attacks Cisco Guard provides added layer of protection for server properties with high business value. Cisco IT Case Study / < Security and VPN
More information5 DNS Security Risks That Keep You Up At Night (And How To Get Back To Sleep)
5 DNS Security Risks That Keep You Up At Night (And How To Get Back To Sleep) survey says: There are things that go bump in the night, and things that go bump against your DNS security. You probably know
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationCategory: Title of Nomination. Project Manager: Job Title: Agency: Department: Address: City: State:
1. Nomination Form Information: Category: Title of Nomination Project Manager: Job Title: Agency: Department: Address: City: State: Information Security and Privacy Security 2.0: Next Generation Security
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationVERISIGN DDoS PROTECTION SERVICES CUSTOMER HANDBOOK
HANDBOOK VERISIGN DDoS PROTECTION SERVICES CUSTOMER HANDBOOK CONSIDERATIONS FOR SERVICE ADOPTION Version 1.0 July 2014 VerisignInc.com CONTENTS 1. WHAT IS A DDOS PROTECTION SERVICE? 3 2. HOW CAN VERISIGN
More informationWHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD
WHITE PAPER ENSURING APPLICATION AVAILABILITY AND SECURITY IN THE CLOUD CONTENTS EXECUTIVE SUMMARY 3 THE LIFEBLOOD OF MANY BUSINESSES IS UNDER ATTACK 3 IT LEADERS FACE A DIFFICULT BALANCING ACT 3 Companies
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationMaking the Internet Business-Ready
Making the Internet Business-Ready If you ve ever shopped online, downloaded music, watched a web video or connected to work remotely, you ve probably used Akamai. Our solutions help to deliver the best
More informationDigital Evidence and Threat Intelligence
Digital Evidence and Threat Intelligence 09 November 2015 Mark Clancy CEO www.soltra.com @soltraedge External Threats Growing 117,339 incoming attacks every day The total number of security incidents detected
More informationCALNET 3 Category 7 Network Based Management Security. Table of Contents
State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2
More informationHow To Block A Ddos Attack On A Network With A Firewall
A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial
More informationDDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT
DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad
More informationVALIDATING DDoS THREAT PROTECTION
VALIDATING DDoS THREAT PROTECTION Ensure your DDoS Solution Works in Real-World Conditions WHITE PAPER Executive Summary This white paper is for security and networking professionals who are looking to
More informationintegrating cutting-edge security technologies the case for SIEM & PAM
integrating cutting-edge security technologies the case for SIEM & PAM Introduction A changing threat landscape The majority of organizations have basic security practices in place, such as firewalls,
More informationDefending against Cyber Attacks
2015 AMC Privacy & Security Conference Defending against Cyber Attacks MICHAEL DOCKERY CHRIS BEAL PAUL HOWELL Security & Privacy Track June 24, 2015 In the News 2015 MCNC General Use v1.0 Healthcare Data
More information