As in the firm's 2012 survey, most organisations rely on firewalls to protect themselves with only a minority deploying either a DDoS mitigation appliance or some kind of service equivalent; 12 percent said they had no specific DDoS protection in place.
Gradually, regulators are bearing down on this passive approach, with the Federal Financial Institutions Examination Council (FFIEC) in the US requiring banks to put in place response plans to cope with this kind of attack.
What does a DDoS attack look like? Watch Neustar's Youtube visualisation.
Sign up for CIO Asia eNewsletters.