main

BotnetsDDoSSecurityWAF

Protecting Sensitive Data: A Black Swan Never Truly Sits Still

October 10, 2018 — by Mike O'Malley1

protecting-sensitive-data-never-sit-still-960x540.jpg

The black swan – a rare and unpredictable event notorious for its ability to completely change the tides of a situation.

For cybersecurity, these nightmares can take the form of disabled critical services such as municipal electrical grids and other connected infrastructure networks, data breaches, application failures, and DDoS attacks. They can range from the levels of Equifax’s 2018 Breach Penalty Fines (estimated close to $1.5 billion), to the bankruptcy of Code Spaces following their DDoS attack and breach (one of the 61% of SMBs companies that faced bankruptcy per service provider Verizon’s investigations), to a government-wide shutdown of web access in public servants’ computers in response to a string of cyberattacks.

Litigation and regulation can only do so much to reduce the impact of black swans, but it is up to companies to prepare and defend themselves from cyberattacks that can lead to rippling effects across industries.

[You might also like: What a Breach Means to Your Business]

If It’s So Rare, Why Should My Company Care?

Companies should concern themselves with black swans to understand the depth of the potential long-term financial and reputation damage and suffering. Radware’s research on C-Suite Perspectives regarding the relationship between cybersecurity and customer experience shows that these executives prioritize Customer Loss (41%), Brand Reputation (34%), and Productivity/Operational Loss (34%). Yet, a majority of these same executives have not yet integrated security practices into their company’s security infrastructure such as their application DevOps teams.

The long-term damage on a company’s finances is note-worthy enough. IT provider CGI found that for technology and financial companies alone, they can lose 5-8.5% in enterprise value from the breach. What often goes unreported, however, is the increased customer onboarding costs to combat against large-scale customer churn following breaches.

For the financial sector, global accounting firm KPMG found that consumers not only expect institutions to act quickly and take responsibility, but 48% are willing to switch banks due to lack of responsibility and preparation for future attacks, and untimely notification of the breaches. News publication The Financial Brand found that banking customers have an average churn rate of 20-40% in 12 months, while a potential onboarding cost per customer can be within the $300-$20,000 range. Network hardware manufacturer Cisco estimates as high as 20% of customers and opportunities could be lost.

Just imagine the customer churn rate for a recently-attacked company.

How does that affect me personally as a business leader within my company?

When data breaches occur, the first person that typically takes the blame is the CISO or CSO. A common misconception, however, is that everyone else will be spared any accountability. But the damage is not limited to just security leadership. Due to the wide array of impacts that result from a cyberattack, nearly all C-level executives are at risk; examples include but are not limited to Equifax’s CEO, Richard Smith, Target CEO Gregg Steinhafel and CIO Beth Jacob. This results in a sudden emptiness of C-Suite level employees. Suddenly, there’s a lack of leadership and direction, causing its own internal combination of instability.

Today’s business leaders need to understand that a data breach is no longer limited to the company’s reputation, but the level of welfare of its customers. Just the event of a data breach can shatter the trust between the two entities. CEOs are now expected to be involved with managing the black swan’s consequences; in times of these hardships, they are particularly expected to continue being the voice of the company and to provide direction and assurance to vulnerable customers.

A business leader can be ousted from the company for not having taken cybersecurity seriously enough and/or not understanding the true costs of a cyberattack – that is, if the company hasn’t filed for bankruptcy yet.

Isn’t this something that my company’s Public Relations department should be handling?

One of the biggest contributors to the aftermath chaos of a black swan is the poor/lack of communication from the public relations team. By not disclosing a data breach in a timely manner, companies incur the wrath of the consumer and suffer an even bigger loss in customer loyalty because of delays. A timely announcement is expected as soon as the company discovers the incident, or according to the GDPR, within 72 hours of the discovery.

A company and its CEO should not solely depend on their public relations department to handle a black swan nightmare. Equifax revealed its data breach six weeks after the incident and still hadn’t directly contacted those that were affected, instead of creating a website for customer inquiries. Equifax continues to suffer from customer distrust because of the lack of guidance from the company’s leadership during those critical days in 2017. At a time of confusion and mayhem, a company’s leader must remain forthcoming, reassuring and credible through the black swan’s tide-changing effects.

Following the cybersecurity black swan, a vast majority of consumers must also be convinced that all the security issues have been addressed and rectified, and the company has a plan in place for any future repeated incidents. Those that fail to do so are at risk of losing at least every 1 in 10 customers, exhibiting the potential reach of impact a black swan can have within a company alone, beyond financial aspects.

How Do You Prepare for When the Black Swan Strikes?

When it comes to the black swan, the strategic method isn’t limited to be proactive or reactive, but to be preemptive, according to news publication ComputerWeekly. The black swan is primarily feared for its unpredictability. The key advantage of being preemptive is the level of detail that goes into planning; instead of reacting in real-time during the chaos or having a universal one-size fits all type of strategy, companies should do their best to develop multiple procedures for multiple worst-case scenarios.

Companies cannot afford to be sitting ducks waiting for the black swan to strike, but must have prepared mitigation plans in place for the likelihood. The ability to mitigate through extreme cyber threats and emerging cyberattack tactics is a dual threat to the company, depending on the level of cybersecurity preparation a company possesses. By implementing a strong cybersecurity architecture (internal or third-party), companies can adapt and evolve with the constant-changing security threats landscape; thereby minimizing the opportunities for hackers to take advantage.

In addition to having a well-built security system, precautions should be taken to further strengthen it including WAF Protection, SSL Inspections, DDoS Protection, Bot Protection, and more. Risk management is flawed due to its nature of emphasis on internal risks only. What’s been missing is companies must do more to include the possibilities of industry-wide black swans, such as the Target data breach in 2013 that later extended to Home Depot and other retailers.

It’s Time To Protect Sensitive Data

In the end, the potential impact of a black swan on a company comes down to its business owners. Cybersecurity is no longer limited to a CISO or CSO’s decision, but the CEO. As the symbol and leader of a company, CEOs need to ask themselves if they know how their security model works. Is it easily penetrated? Can it defend against massive cyberattacks?  What IP and customer data am I protecting?  What would happen to the business if that data was breached?

Does it protect sensitive data?

Read “Radware’s 2018 Web Application Security Report” to learn more.

Download Now

Application SecurityCloud SecurityDDoS AttacksSecurityWAF

Protecting Sensitive Data: The Death of an SMB

September 26, 2018 — by Mike O'Malley0

protecting-sensitive-data-death-of-small-medium-business-960x522.jpg

True or False?

90% of small businesses lack any type of data protection for their company and customer information.

The answer?

Unfortunately true.

Due to this lack of care, 61% of data breach victims are specifically small businesses according to service provider Verizon’s 2018 Data Breach Investigations.

Although large corporations garner the most attention in mainstream headlines, small and mid-sized businesses (SMB) are increasingly attractive to hackers because of the combination of valuable records and lack of security protections. The high priority of sensitive data protection should not be limited to large companies but for organizations of all sizes.

While large corporations house large amounts of data, they are also capable of supporting their data center with the respective necessary protections. The combination of lacking security resources while maintaining sensitive personal information is what makes smaller-sized businesses the perfect targets for attackers. Hackers aren’t simply looking at how much information they can gather, but at the ease of access to that data – an area where SMB’s are largely deficient.

The bad publicity and dark connotation that data breaches hold create a survive-or-die situation for SMBs, but there are ways SMBs can mitigate the threat despite limited resources – and they exist in the cloud.

The Struggle to Survive

Because of their smaller stature as a company, most SMBs struggle with the ability to manage cybersecurity protections and mitigation of attacks – especially data breaches. In fact, financial services company UPS Capital found that 60% of smaller businesses fall out of business within six months after a cyberattack. Unlike business giants, SMBs cannot afford the financial hit of data breaches.

Security and privacy of sensitive data is a trending hot topic in today’s society, becoming more of an influence on customers’ purchase decisions. Customers are willing to pay more for provided security protections. Auditor giant KPMG reports that for mobile service providers alone, consumers would not hesitate to switch carriers if one provided better security than the other, as long as pricing is competitive or even for a moderate premium.

[You might also like: Protecting Sensitive Data: What a Breach Means to Your Business]

One Person Just Isn’t Enough

Many SMBs tend to prioritize their business over cybersecurity because of the false belief that attackers would go after large companies first. Research Center Ponemon Institute reports that 51% of its survey respondents say their company believes they are too small to be targeted. For businesses that do invest in cybersecurity, they narrowly focus on anti-virus solutions and neglect other types of attacks such as DDoS, malware, and system exploits that intrusion detection systems can protect from.

Auto dealerships, for example, are typically family-owned and operated businesses, valued at $4 million USD, with typically an average of 15-20 employees overall. Because of its size, of that number of employees there is typically only one employee that manages the IT responsibilities. Dealerships attempt to satisfy the need of security protection with this employee that has relevant certifications and experience; they are equipped with resources to support their day-to-day tasks, but not to manage high-level attacks and threats. Ponemon Institute’s research reports that 73% of its respondents believe they are unable to achieve full effective IT security because of insufficient personnel.

A study conducted by news publication Automotive News found that 33% of consumers lack confidence in the security protection of sensitive data at dealerships. The seriousness of cybersecurity protection, however, should not correlate to the number of employees but the amount and value of the sensitive data collected. The common error dealerships make isn’t the lack of care in their handling of sensitive data, but the underestimation of their likelihood of being attacked.

Dealerships collect valuable consumer information, both personal and financial – ranging from driver’s license information to social security numbers, to bank account information, and even past vehicle records. An insufficient budget and management of IT security make auto dealerships a prime target. In fact, software company MacKeeper in 2016 revealed a massive data breach of 120+ U.S. dealership systems made available on Shodan – a search engine for connected, but unsecured databases and devices. The source of the breach originated from backing up individual data systems to the vendor’s common central systems, without any cybersecurity protections in place.

The Answer is in the Clouds

Cybersecurity is often placed on the backburner of company priorities, perceived as an unnecessary expenditure because of the flawed perception and underestimated likelihood of being attacked. However, the level of protection over personal data is highly valued among today’s consumers and is enough to be the deciding factor for which OS or mobile app/site people would frequent, and likely which SMB they would patronize.

Witnessing the growing trend of data breaches and the rapid advancements of cyberattacks, SMBs are taking note and beginning to increase spending. It is crucial for organizations to not only increase their security budget but to spend it effectively and efficiently. Research firm Cyren and Osterman Research found that 63% of SMBs are increasing their security spending, but still experience breaches.

Internal security systems may seem more secure to smaller business owners, but SMBs lack the necessary security architecture and expertise to safeguard the data being housed. Cloud solutions offer what these businesses need: a data storage system with better security protection services. Meanwhile, in the same Cyren and Osterman Research report, only 29% of IT managers are open to utilizing cloud services. By utilizing cloud-based security as a solution, small-and medium-sized businesses no longer have to depend on one-staff IT departments, but can focus on the growth of their business. Cloud-based security solutions provide enterprise-grade protection alongside improved flexibility and agility that smaller organizations typically lack compared to their large-scale brethren.

Managed security vendors offer a range of fully-managed cloud security solutions for cyberattacks from WAF to DDoS. They are capable of providing more accurate real-time protection and coverage. Although the security is provided by an outside firm, reports and audits can be provided for a deeper analysis of not only the attacks but the company’s defenses. Outsourcing this type of security service to experts enables SMBs to continue achieving and prioritizing their business goals while protecting their work and customer data.

Read the “2018 C-Suite Perspectives: Trends in the Cyberattack Landscape, Security Threats and Business Impacts” to learn more.

Download Now

SecurityWAF

Access to Applications Based on a « Driving License » Model

July 18, 2018 — by Thomas Gobet0

application-licensing-960x640.jpg

More and more countries are modifying their policies with a new “driving license” model.

With a classic license model, drivers can be caught frequently; they just have to pay a huge amount of money to the police each time.

Since this model has lot of limitations, it was changed to a “point-based model.” Either you begin with 0 points (and you increase it based on your “mistakes”) or your points decrease. Regardless of how the model works, you’re still allowed to drive if you have below a certain number of points on your license.

SecurityWAF

WAFs Should Do A Lot More Against Current Threats Than Covering OWASP Top 10

July 12, 2018 — by Ben Zilberman0

owasp-top-10-960x640.jpg

Looking in the rearview mirror

The application threat landscape has rapidly evolved. For years, users consumed applications over the internet using the common tool – web browsers. At every point in time, there were 2-5 web browsers to support, and the variety of application development and testing frameworks was relatively limited. For instance, almost all databases were built using the SQL language. Unfortunately, not long before hackers began to abuse applications in order to steal, delete and modify data. They could take advantage of applications in different ways, primarily by tricking the application user, injecting or remotely executing code. Shortly after, commercialized solutions named Web Application Firewalls (WAF) emerged, and the community responded by creating the Open Web Application Security Project (OWASP) to set and maintain standards and methodologies for secure applications.

DDoSSecurityWAF

Building Tier 1 IP Transit – What’s Involved and Why Do It?

July 11, 2018 — by Richard Cohen3

ip-transit-960x540.jpg

Not all internet connectivity is created equal. Many Tier 2 and Tier 3 ISPs, cloud service providers and data integrators consume IP Transit sourced from Tier 1 Wholesale ISPs (those ISP’s that build and operate their own fabric from L1 services up). In doing so, their ability to offer their customers internet services customised to particular requirements is limited by the choices they have available to them – and many aspects of the services they consume may not be optimal.

DDoSSDNSecurityWAF

Orchestrating Flows for Cyber

January 24, 2018 — by Edward G. Amaroso0

sdn-960x463.jpg

There is a great scene in the movie Victor, Victoria, where the character played by James Garner decides it’s time to mix things up a bit. So, he strolls into an old gritty bar wearing a tuxedo, walks up to the bartender, and orders milk. Within minutes, the other men in the bar decide they’ve had enough of this, and they start an intense bar fight. Garner is soon throwing and taking punches, getting tossed across the floor, and loving every minute of it.

Application DeliveryWAF

Marrying the Business Need With Technology, Part 3: Re-aggregating the Tools

January 18, 2018 — by Daniel Lakier0

reaggregating-tools-960x421.jpg

In part one of this blog series we discussed how there is oftentimes a lack of knowledge when it comes to infrastructure technology and knowhow in the relevant DevOps teams. This is not what was intended when “Agile” moved from being a pure development approach to a whole technology management methodology, but it is where we find ourselves. One of the consequences we face because of this is that the traditional user of many technologies, the developers/application owners, know what functionality they should have but not where to get it.

Application DeliveryWAF

Application Delivery and Application Security Should be Combined

January 17, 2018 — by Frank Yue0

waf-adc-960x579.jpg

Most businesses have multi-function printers that can fax, scan, and copy.  In our roles, we are multi-functional as well.  A network architect is often the operational troubleshooter because of his/her knowledge and expertise.  The financial expert can take on the role of the supply logistics because of their understanding of the parts and processes involved in the day to day business.

SecurityWAF

Taking Stock of Application-Layer Security Threats

January 11, 2018 — by Radware0

waf-finance-960x720.jpg

The financial services industry is, by its very nature, inherently risk adverse. The sheer volume of transactional data moving through networks can be staggering and protecting that data from cyberthreats is strategically and fiscally critical. To understand how financial service executives keep their most prized applications secure, Radware surveyed over 600 chief information security officers (CISOs) and other security leaders across financial services, retail and healthcare industries. This article provides an overview of key findings from Radware’s web application security report: Web Application Security in a Digitally Connected World.