At Radware, we feel strongly that 2012 has been the year of the DDoS attack – and it doesn’t look like it’s going to change any time soon. Over the past few months, we’ve seen strong evidence that cyber attacks, including DDoS and DoS attacks, will only continue to become more intense and more powerful. With little chance these attacks will slow down in the new year, it is essential for organizations to act now to protect themselves. That’s why we commissioned a new in-depth research report, “Cyber Security on the Offense: A study of IT Security Experts.” Co-authored with the Ponemon Institute, this survey of 705 senior IT security practitioners explores the current cyber threat landscape and how well prepared organizations are to deal with today’s large-scale DDoS and DoS attacks.
The results are telling. The majority of organizations (64 percent) say that the severity of cyber attacks is increasing, however less than half of organizations say they are vigilant in monitoring attacks. 65 percent of respondents had also experienced an average of three DDoS attacks over the past 12 months, with several respondents noting they had experienced more than 10 attacks. In essence, cyber attacks are simply outpacing many organizations’ ability to respond.
We’re also seeing a major shift in the way companies are approaching cyber attacks. While just two years ago organizations were very much focused on confidentiality and integrity based attacks, survey respondents indicated that their top priority is now mitigating availability based attacks. As cyber attackers and hacktivists now focus on taking critical applications and networks down for long periods of time, organizations have been forced to switch priorities to better protect their perimeters.
There’s a wealth of key findings in our full report, which you can download here, but I’ve compiled a list of four key takeaways your organization should act on after reading the report:
- Take an offensive stance: Organizations need to be both proactive and offensive in the fight against cyber attacks. Survey results showed that an offensive stance that includes both prevention and counter measures can help protect organizations from both attacks and related consequences.
- Educate yourself: The survey showed us that many organizations often have no real sense of how often they’ve been attacked and are not vigilant in monitoring. I can’t stress this enough: it is essential to be aware of today’s security threats and the available options to prevent such attacks. “We didn’t know” is no longer an acceptable (or business savvy) response. Our new site, DDosWarriors, is also a good resource for the latest on DDoS attacks and security threats.
- Understand the consequences: The survey shows the quantifiable consequences of cyber attacks, both in terms of lost revenue and reputation damage. For some of the IT managers surveyed, this was more than $100,000 in lost revenue for every minute of down time, and an average of $22,000 per minute across all surveyed organizations.
- The time to act is now: Given that cyber attacks are growing in size, number and intensity every day, it is more important than ever for organizations to take proper precautions and make an effort to protect themselves without delay. The findings from the research should be a call to action for the industry, and I urge organizations to take necessary steps to protect themselves now.
To take a deeper dive into the report, sign up here for our webinar with Larry Ponemon from the Ponemon Institute on November 14, where we’ll discuss the survey findings and provide additional actionable insights to help organizations mitigate attacks in an increasingly hostile threat environment.