Distributed denial of service (DDoS) attacks have become a part of having a presence on the web. While the question used to be if you will be attacked, today it is only a matter of when. Because of this, it is more important than ever to have a defense strategy in place. But, for all the media coverage and attention any DDoS attack may receive, their purpose and how to best defend against them are not always well understood.
According to the 2016 Verizon data breach incident report (DBIR), DDoS and web app attacks have increased substantially over the last year. Successful data breaches of web app attacks where data was stolen increased from 7% to 40% with targeted data including:
- Credit card data
- Personal information
- Financial credentials
If you want to ensure that your business is ready for a DDoS attack there are a number of best practices you should keep in mind. What follow are 5 recommendations from our 10 years of experience managing over 80,000 servers. If you want an even more in depth overview, as well 5 more recommendations, you can download the full white paper here.
Fred Streefland, IT-Security Manager at LeaseWeb and Dave Maasland, CEO Eset Netherlands.
A version of this article originally appeared on Computable.
Recently we’ve had the opportunity (a quite fun and interesting opportunity), to visit a number of Information Security and Cyber Security congresses. During these congresses we were flooded with relatively ‘new’ developments such as Next-Generation, IoT (Internet of Things), IoT DDoS, Security Intelligence Platform, et cetera. The fact that some these terms have become ‘hype’ is not in itself a problem, but we did begin to wonder whether the security world may be looking at things in the wrong way and thereby missing the demands that need to be addressed.
In this article we will suggest a new way of looking at cybersecurity that stops viewing it as a goal in itself and instead as something that is directly connected to business needs. As it stands now, it seems that too many security-organizations are missing the mark.
Security can be quite complex, but its essence is quite simple. Security is nothing more than reducing or taking away risks, and making them visible so that the business can accept them and continue doing its work – nothing more, nothing less. To do this as effectively and efficiently as possible, we, as security-people, have to understand the business and not see it solely from an IT-Perspective but form the broader perspective of the business itself.
When starting from the business, we first have to identify, map, and categorize the risks for the specific business. Second, we have to determine, together with the business itself, which risks need to be dealt with in which order. When that’s done, the person responsible for security within the company has to set-up a security-plan that depicts how these changes are executed. When doing so, there should always be clear goals and deadlines. Ideally, this should be done in a ‘smart’ way, one step at a time, so as to not engage in too many projects at once.
Lesson 1: Start with the business (and its risks)