DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT
SEPTEMBER 2014
COMMISSIONED BY:
Contents
- Introduction
- About the Survey and Respondents
- The Current State of DDoS
- DDoS and Incident Response
- Incident Detection and Response Today and Tomorrow
- About Arbor Networks
- About IANS
Introduction

Since 2010, the number and types of DDoS attacks perpetrated against enterprise networks have grown dramatically. The rise in hacktivism has led to numerous DDoS attacks, with groups like LulzSec and Anonymous repeatedly attacking government and commercial sites. One of the largest attacks in 2011 was against Sony's Playstation Network, and was again attributed to Anonymous. The year 2012 saw a significant rise in attacks against financial organizations, with many of the world's leading financial service institutions and banks experiencing significant outages and slowdowns due to politically motivated DDoS attacks. Some of these reached sustained 100 Gbps speeds, which many in the security community believe to be the foreshadowing of trends we are seeing now. Through 2013 and 2014, numerous attacks of more than 200 Gbps have been witnessed, and the total number of attacks seen in 2014 seems to be eclipsing years past.

The types of attacks are changing, too. While most attacks are still volume-based, primarily SYN Floods and ICMP and UDP traffic, more and more application-level traffic is seen today, primarily HTTP and HTTPS and DNS queries, as well as NTP data.

Given the likelihood that organizations will be hit with DDoS attacks at some point, how are organizations preparing for them? What kinds of incident detection and response processes and technologies are organizations using to best handle DDoS attacks today? For those who experienced a DDoS attack, what were the costs? In this report, we'll review the state of DDoS readiness across the industry, and analyze where organizations identified costs associated with DDoS attacks. We'll also look at tools, tactics, and what's changing for those organizations seeking to better handle DDoS attacks against their networks.

About the Survey and Respondents

IANS conducted a survey of one hundred information security professionals in the industry. Of the respondents, 16% were CISOs, CTOs, and other executive roles, the majority (56%) were managers and directors, and the remaining 28% were technical practitioners. Almost half worked in large organizations of 10,000 or more employees, with a fair representation of smaller organizations as well. The full breakdown of organization size is shown in Figure 1.

[Figure 1: Organization Size. Categories: 1,000-4,999; 5,000-9,999; 10,000-19,999; 20,000+. Values as extracted: 37%, 12%, 20%, 31%.]
All respondents were based in the United States, with the most representation from Texas, California, Florida, Maryland, Ohio, New Jersey, and North Carolina. Many other states were represented, as well, and the regional breakdown was highest for the South (43%), with almost equal representation for the West (19%), Midwest (20%), and Northeast (18%).

The Current State of DDoS

The first question we asked security professionals was a straightforward one - how many of them had experienced a DDoS attack in the past two years? Of the respondents, 22% indicated that they had experienced a DDoS attack during this time period, which amounts to just over 1 in every 5 organizations who responded. This corresponds to the growing rate of DDoS attacks seen in the wild, and is likely to keep growing rapidly, especially for certain industries like the financial sector.

Out of the respondents who indicated they'd experienced a DDoS attack, two-thirds said that they had been able to reasonably assess the costs associated with the attack (14 out of 22 organizations). The other eight respondents could not accurately gauge the overall cost of the attack.

For those who did determine the costs associated with a DDoS attack, a number of factors were involved in generating the costs. For most, the amount of operational time needed to detect and respond to the attack comprised at least a portion of the costs. Many also experienced system downtime due to crashes or adverse responses within the environment, as well. Half of the organizations who experienced a DDoS attack measured the loss of customer traffic to business web sites, and several also experienced a loss of goodwill and a hit to their reputation. The full breakdown of responses is shown in Figure 2.

Figure 2: Means of Measuring DDoS Costs (DDoS Costs Stem From...)
- Operational time spent responding to the DDoS: 73%
- System downtime due to crashes or adverse responses: 68%
- Loss of customer traffic to web sites: 50%
- Loss of goodwill and reputation: 23%

Based on these results, most costs for DDoS attacks are directly related to operations in one or more ways - either the time that IT operations teams spend detecting and cleaning up the attacks, or the direct impact to systems and applications affected by them. For larger sites which are reliant on customer traffic to critical web sites, web application and analytics teams are likely measuring all impacts to traffic very frequently, and tying changes in traffic to revenue will be second nature. Loss of goodwill and reputation is much harder to measure, especially in the short term, and may also be harder to translate to true revenue costs directly.

DDoS and Incident Response

Regardless of whether organizations have experienced a DDoS attack or not, all organizations should have an incident response plan that aligns with DDoS. If one in every five organizations has seen a DDoS attack already, the likelihood that organizations will see DDoS attacks in the future is very high. However, only 56% of respondents stated that they currently have a DDoS-specific response plan in place. This seems to indicate that many are either not concerned with a potential DDoS attack, or do not think they are likely targets for DDoS. In some cases, security teams may not have the proper resources to devote to planning and executing a DDoS incident response program, as well.

In fact, when asked who handles DDoS-specific incident response currently, the results seem split between traditional security teams (64%), network engineering teams (54%) and incident response teams (54%). Survey respondents could choose more than one answer, which implies that most organizations are sharing the responsibility for DDoS incident response across several teams. Not having a dedicated owner of DDoS response may lead to less direct focus on DDoS overall, too.

Currently, 39% of respondents perform custom training drills for their security teams for DDoS response. This is also a low number, especially in light of the increasing threat of DDoS to more and more organizations. However, most organizations are investing in some equipment and services that can help with DDoS attacks.
Given the cross-functional nature of DDoS detection and response between network engineering and security teams, it's not surprising that the top technology used for DDoS detection and defense is network load balancing equipment (57%). Almost half of respondents indicated that they are using some sort of dedicated on-premise DDoS detection and prevention tools. Almost a third of organizations are leveraging cloud-based DDoS detection and response services or application traffic shaping tools, as shown in Figure 3.

Figure 3: Current DDoS Detection and Response Tools
- Network load balancing equipment: 57%
- On-premise DDoS detection and protection systems: 49%
- Cloud-based DDoS detection and protection services: 31%
- Application traffic shaping tools: 30%

What do these results indicate? First, the mix of network load balancing and application traffic shaping equipment indicates network operational involvement in DDoS detection and response, with equipment typically maintained by the network operations and engineering teams. On-premise and cloud-based DDoS detection and protection tools are often jointly configured and maintained by security and network teams, which correlates with the response question discussed earlier - DDoS detection and response is a shared task.

How do organizations first detect DDoS attacks - in other words, what are the most prevalent initial indicators of a DDoS attack? Surprisingly, only 21% of respondents included volume of TCP SYN packets, which has traditionally been the most common volumetric DDoS attack. The highest volume of responses indicated that HTTP/HTTPS and DNS packet volume were leading indicators, followed by behavioral changes in traffic patterns. The full list of DDoS leading indicators is shown in Figure 4.

[Figure 4: DDoS Initial Indicators. Categories: Volume of HTTP/HTTPS packets; Volume of DNS packets; Traffic behavior pattern changes; Volume of TCP SYN packets; Application server and process indicators; Volume of NTP packets; All of the above; None of the above. Values as extracted: 21%, 28%, 31%, 30%, 12%, 18%, 17%, 23%.]

Application server and process indicators are also starting to factor into DDoS detection, which shows more attention at a host level and likely also indicates a higher level of attention and involvement from operations teams responsible for system administration and monitoring. NTP DDoS attacks are becoming more common, too, but are still a small percentage of the DDoS landscape. Not surprisingly, almost a quarter of the respondents use all the different indicators listed, while a smaller group did not leverage any of them.

How long does it take most organizations to detect and respond to DDoS attacks?
Many organizations stated that they could start to detect and react quickly, with responses ranging from less than one hour to 1-12 hours. A smaller number needed hours, or even days, to properly detect and mitigate DDoS attacks. The full breakdown of responses is shown in Figure 5.

[Figure 5: Average DDoS Response Time. Categories as extracted: Less than one hour; 1-12 hours; hours; 1-3 days; 3-7 days; More than 7 days. Values as extracted: 3%, 7%, 6%, 30%, 11%, 43%.]

Do most organizations know that they can respond this quickly, or is this an example of overconfidence? Many of the organizations that indicated very low detection and mitigation times for DDoS attacks may not have experienced the full brunt of a dedicated and focused attack yet.

Organizations that leverage service providers for help during DDoS attacks can transition incident response efforts to the service providers, if possible (or at least enlist their aid during attacks). When this happens varies widely, however. The majority tend to enlist service providers quickly, as soon as attacks are detected. This may account for the previous responses about immediate detection and mitigation. The rest of the responses were evenly spread across when a certain cost threshold is reached or varied thresholds of network saturation (shown in Figure 6).

[Figure 6: DDoS Service Provider Response Transition Thresholds. Immediately, as soon as the attack is detected: 36%. Remaining categories: When a certain cost threshold is reached; When network saturation reaches 50%; When network saturation reaches 25%; When network saturation reaches 75%. Values as extracted: 14%, 13%, 12%, 11%.]

Several respondents also indicated that they worked in service provider organizations, or never transitioned to a service provider.

The kinds of DDoS containment tools and techniques security teams are leveraging are also critical to understand. Given the lack of maturity in developing a sound DDoS incident response strategy, it's not surprising to find that many are still relying heavily on firewalls, IDS/IPS, and network load balancing to contain DDoS attacks and eradicate unwanted traffic. Some are also using DNS redirection and application traffic shaping, as mentioned in the earlier question about tools currently in place. With the rise in application-centric DDoS, this is likely to grow over time. Only a small percentage of respondents (17%) are using clean pipe packet scrubbing services to contain and eradicate DDoS traffic currently, yet this is a growing market area at the moment. The full breakdown of eradication and containment techniques is shown in Figure 7.

Figure 7: DDoS Containment and Eradication Techniques
- Traditional IDS/IPS/Firewall blocking: 64%
- Network load balancing: 53%
- DNS redirection: 41%
- Application traffic shaping: 27%
- "Clean pipe" packet scrubbing services: 17%

After detection, how long does it take most organizations to start mitigating a DDoS attack? Ten percent of respondents said they don't mitigate, which implies they have outsourced services in place to handle this. Half the respondents indicated that they could start responding immediately or within minutes. The rest took up to 30 minutes or longer, as shown in Figure 8.

[Figure 8: DDoS Mitigation Time After Detection. Categories as extracted: Automatically; minutes; minutes; More than 30 minutes; We do not mitigate DDoS attacks. Values as extracted: 10%, 25%, 22%, 16%, 27%.]
We asked practitioners who had successfully responded to DDoS attacks to give some tips from the trenches. Several responded that properly trained staff and a defined incident response plan were key in detecting and eradicating the attacks, with one comment stating, "expect it to happen and be prepared." Others noted that you should use all the tools you can afford to use and invest in competent security operations personnel and the tools for them to use. Some of the other tips included using cloud-based DDoS mitigation services and DNS redirection to successfully respond, as well.

Incident Detection and Response Today and Tomorrow

Today, most organizations employ a wide variety of tools and services to detect threats against their networks and applications. Firewall logs are far and away the most prevalent detection method across organizations at 70%, followed by performance monitoring and management solutions (43%) and SIEM (41%). From there, we see fewer organizations making use of in-house scripting and tools, helpdesk tickets and calls, and other network-focused tools like SNMP and NetFlow analysis platforms, as well as Deep Packet Inspection (DPI) tools, as shown in Figure 9.

[Figure 9: Current Network Threat Detection Tools. Categories: Firewall logs; Performance Management / Monitoring; Security Information and Event Management; In-house developed scripts/tools; Customer Call / Helpdesk Ticket; SNMP-based tools; NetFlow analyzers; Deep Packet Inspection (DPI) tools. Values as extracted: 43%, 41%, 34%, 30%, 29%, 27%, 24%, 70%.]

With this wide variety of tools, organizations are likely able to detect many network threats. However, there's still a gap in skills and technology for detecting and responding to DDoS attacks. Only half of organizations have a definitive DDoS response plan in place, and responsibilities for handling DDoS seem spread out across several different teams, primarily network and security operations. Many organizations are still using traditional network tools to detect and mitigate denial-of-service, which may not be the ideal controls for the job. The use of application traffic-shaping tools and DDoS detection and prevention services is growing, too. Many organizations may experience DDoS attacks in the next several years - what will the impact be? Currently, most organizations affected by DDoS measured costs in operational time spent on response, as well as downtime. It will be interesting to see how these trends continue in the future.
About Arbor Networks

Arbor Networks, Inc. is a leading provider of network security and management solutions for enterprise and service provider networks, including the vast majority of the world's Internet service providers and many of the largest enterprise networks in use today. Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS Active Threat Level Analysis System. Representing a unique collaborative effort with 250+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.

About IANS

IANS is the leading provider of in-depth security insights and decision support delivered through research, community, and consulting. Fueled by interactions among IANS Faculty and information security practitioners, IANS experience-driven advice helps IT security, risk management, and compliance executives make better, faster technical and managerial decisions. IANS was founded in 2001 as the Institute for Applied Network Security. Inspired by the Harvard Business School experience of interactive discussions driving collective insights, IANS adapted that format to fit the needs of the information security community.
More informationCybersecurity. Anna Chan, Marketing Director, Akamai Technologies
Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile Business devices and Continuity data collection. & Cybersecurity Anna Chan, Marketing Director,
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationSurvey: Global Efficiency Held Back by Infrastructure Spend in Pharmaceutical Industry
Survey: Global Efficiency Held Back by Infrastructure Spend in Pharmaceutical Industry Akamai Survey Shows Pharmaceutical Industry Looking for Global Employee Efficiency but may be Held Back by Heavy Infrastructure
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationThe power management skills gap
The power management skills gap Do you have the knowledge and expertise to keep energy flowing around your datacentre environment? A recent survey by Freeform Dynamics of 320 senior data centre professionals
More informationSustainable Security Operations
Sustainable Security Operations Optimize processes and tools to make the most of your team s time and talent The number and types of security incidents organizations face daily are steadily increasing,
More informationIntroduction to DDoS Attacks
Introduction to DDoS Attacks Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter 2015 MCNC General Use v1.0 DDoS in the News July 2015 2015 MCNC General Use v1.0 DDoS
More informationMOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner
MOBILE SECURITY 2017 SPOTLIGHT REPORT Group Partner Information Security PRESENTED BY OVERVIEW Security and privacy risks are on the rise with the proliferation of mobile devices and their increasing use
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationDowntime by DDoS: Taking an Integrated Multi-Layered Approach. Arbor Solution Brief
Downtime by DDoS: Taking an Integrated Multi-Layered Approach Arbor Solution Brief About Arbor Networks Arbor Networks Inc., the cyber security division of NETSCOUT, helps secure the world s largest enterprise
More informationToward an Automated Future
2017 State of the Network Engineer: Toward an Automated Future netbraintech.com Executive Summary Today s enterprises have reached a tipping point when it comes to network management. Networks are growing
More informationThe 2017 State of IT Incident Management. Annual Report on Incidents, Tools & Processes
The 2017 State of IT Incident Management Annual Report on Incidents, Tools & Processes Table of Contents 03 Executive Summary and Key Findings 04 Overview 05 IT Incidents Major IT Incidents a Real Area
More informationProlexic Attack Report Q4 2011
Prolexic Attack Report Q4 2011 Prolexic believes the nature of DDoS attacks are changing: they are becoming more concentrated and damaging. Packet-per-second volume is increasing dramatically, while attack
More informationCYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD
CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD December 2014 KEVIN GROOM ISACA Involvement (Middle Tennessee Chapter) Treasurer (2009 2011) Vice President (2011 2013) President (2013 present)
More informationFighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See
Fighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See Louis Scialabba Carrier Solutions Marketing Nov 2015 November 16, 2015 Topics What s New in Cybersecurity
More informationCompTIA Security Research Study Trends and Observations on Organizational Security. Carol Balkcom, Product Manager, Security+
CompTIA Security Research Study 2007 Trends and Observations on Organizational Security Carol Balkcom, Product Manager, Security+ Goals of this session To share some trends and observations related to
More informationFlorida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government
Florida Government Finance Officers Association Staying Secure when Transforming to a Digital Government Agenda Plante Moran Introductions Technology Pressures and Challenges Facing Government Technology
More informationIBM Cloud Internet Services: Optimizing security to protect your web applications
WHITE PAPER IBM Cloud Internet Services: Optimizing security to protect your web applications Secure Internet applications and APIs against denialof-service attacks, customer data compromise, and abusive
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationThe State of Cloud Monitoring
REPORT The State of Cloud Monitoring Survey Reveals Visibility is Key to Cloud Security and Performance INTRODUCTION Ixia, a Keysight business, commissioned Dimensional Research to conduct a survey measuring
More informationTripwire State of Container Security Report
RESEARCH Tripwire State of Container Security Report January 2019 FOUNDATIONAL CONTROLS FOR SECURITY, COMPLIANCE & IT OPERATIONS As DevOps continues to drive increased use of containers, security teams
More informationBRING EXPERT TRAINING TO YOUR WORKPLACE.
BRING EXPERT TRAINING TO YOUR WORKPLACE. ISACA s globally respected training and certification programs inspire confidence that enables innovation in the workplace. ISACA s On-Site Training brings a unique
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationTHE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES
THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES TABLE OF CONTENTS 3 Introduction 4 Survey Findings 4 Recent Breaches Span a Broad Spectrum 4 Site Downtime and Enterprise
More informationI D C T E C H N O L O G Y S P O T L I G H T
I D C T E C H N O L O G Y S P O T L I G H T P ow e ring Digital Transfor m a t i o n T h r ough the C l o u d - R e a d y E n t e r p rise September 2016 Adapted from Developing a Cloud Strategy for Digital
More informationwhitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk
whitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk Assure the board your company won t be the next data breach Introduction A solid vulnerability management program is critical
More informationImperva Incapsula Product Overview
Product Overview DA T A SH E E T Application Delivery from the Cloud Whether you re running a small e-commerce business or in charge of IT operations for an enterprise, will improve your website security
More informationDDN Annual High Performance Computing Trends Survey Reveals Rising Deployment of Flash Tiers & Private/Hybrid Clouds vs.
DDN Annual High Performance Computing Trends Survey Reveals Rising Deployment of Flash Tiers & Private/Hybrid Clouds vs. Public for HPC HPC End Users Cite Mixed I/O as the Most Difficult Performance Challenge
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationProfessional Services for Cloud Management Solutions
Professional Services for Cloud Management Solutions Accelerating Your Cloud Management Capabilities CEOs need people both internal staff and thirdparty providers who can help them think through their
More informationHOW IT INVESTMENT STRATEGIES HELP AND HINDER GOVERNMENT S ADOPTION OF CLOUD & AI
HOW IT INVESTMENT STRATEGIES HELP AND HINDER GOVERNMENT S ADOPTION OF CLOUD & AI Federal agencies have made significant strides in adopting cloud technologies. But a new survey of government IT leaders
More informationA Survey of Defense Mechanisms Against DDoS Flooding A
DDoS Defense: Scope And A Survey of Defense Mechanisms Against DDoS Flooding Attacks IIT Kanpur IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 15, NO. 4, FOURTH QUARTER 2013 DDoS Defense: Scope And Outline
More informationSECURITY SERVICES SECURITY
SECURITY SERVICES SECURITY SOLUTION SUMMARY Computacenter helps organisations safeguard data, simplify compliance and enable users with holistic security solutions With users, data and devices dispersed
More informationSecurity. Made Smarter.
Security. Made Smarter. Your job is to keep your organization safe from cyberattacks. To do so, your team has to review a monumental amount of data that is growing exponentially by the minute. Your team
More informationMULTIPLAYER GAMING SOLUTION BRIEF
AMERICAS MULTIPLAYER GAMING SOLUTION BRIEF PLAYER-CENTRIC INNOVATION FOR MULTIPLAYER GAMING Multiplayer Gaming, Social Gatherings for Gamers Video-game-related crime is almost as old as the industry itself.
More informationCYBERSECURITY RESILIENCE
CLOSING THE IN CYBERSECURITY RESILIENCE AT U.S. GOVERNMENT AGENCIES Two-thirds of federal IT executives in a new survey say their agency s ability to withstand a cyber event, and continue to function,
More informationPAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY
WHITEPAPER PAIN AND PROGRESS THE RSA CYBERSECURITY AND BUSINESS RISK STUDY CONTENTS Executive Summary........................................ 3 The Cybersecurity and Business Risk Survey..........................
More informationEnterprise D/DoS Mitigation Solution offering
Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution
More information