Would most enterprises really rather fend for themselves when it comes to security? One reputable survey seems to say so. Organizations are largely investing technology and staffing budgets earmarked for information security into related in-house skills and technology, according to a 2016 SANS Institute report on IT Security Spending Trends. That could and probably would be the topic of this article but for one little thing.
DDoS security stands out as the only exception in the aforementioned report, with companies spending outside their own ranks for detection and remediation. Most companies surveyed prefer cloud service-based DDoS protection when picking a provider.
A list of top DDoS protection cloud services given in random order can include F5 Silverline, Arbor Networks’ Arbor Cloud, CloudFlare’s advanced DDoS protection, VeriSign DDoS Protection Service, Imperva Incapsula, Akamai Kona Site Defender, Cisco Guard, and Level3 DDoS Mitigation. There are many more such services; this list includes the best, depending on who you talk to.
Risk profiles, coverage, research methods, deployments
Here are four tips to know when preparing to select a DDoS protection cloud service.
Tip No.1: Know Your Risk Profile. Determining what DDoS protection cloud service is best for your business starts with knowing the risk profile of your organization, since you will have to marry a suitable service to that profile. ISACA offers information about what to include in a risk profile. According to Tim Cullen, senior security consultant, CISSP, and chair at the Cybersecurity Simulation for the Technology Association of Georgia, here are the impact profile points you must know for your enterprise.
- How long can your site/service endure downtime in the event of a successful DDoS attack?
- What is the range of losses in revenue that would affect your company if an attack prevails?
- How would DDoS-inflicted downtime contribute to loss of customer confidence or market share?
Tip No.2: Know the protections/coverage you need. Once you have established what the weight of these pain points would be on your organization in and after an active attack, you need to establish what kinds of protections are necessary.
You might, for example, need to detect and protect yourself against zero-day attacks since many DDoS attacks flood requests for services using new OS or application vulnerabilities that the vendors have not yet patched, explains Cullen. “You need to know how quickly the provider can implement the solution to protect you and whether it secures you and your data if you are currently under attack,” adds Cullen.
Tip No.3: Know providers’ research methods. The methods the DDoS protection cloud service uses to gather data about attack vectors are also important to your selection. According to Cullen, you should confirm whether the provider has and uses the following abilities:
- Do they use their own metrics for isolating attack data?
- Do they instead use a cloud service to report and disseminate attack alerts and to update virus/malware signatures?
- Do they have a global footprint for data collection?
- Do they proactively research and identify new attacks as they are first appearing in the wild?