Multi-vector DDOS Attacks
Detection and Mitigation
Paul Mazzucco
Chief Security Officer
January 2016
Key Reasons for Cyber Attacks
Source: Hackmageddon
4 months later …December 2014
DoS/DDoS Attacks New Cyber Weapon of Choice
Cyber Attack Sophistication Is Increasing
• Lower bandwidth attacks occur more
frequently, last longer, evade detection
- Overwhelm servers, take down site
• Multi-vector campaigns
- Booter services
- Dark DDoS attacks (smokescreens)
- Distract victims, other attacks infiltrate
corporate networks
- DDoS-as-a-Service business model
- Botnets for hire, $6/month
Source: Akamai, Imperva
The Industry Hit List
Drivers: the rise of the Internet of Things,
web vulnerabilities and botnet building
Choice Targets
• Competitive industries, e.g. gaming
• SaaS platforms, e.g. healthcare data
• Multi-tenant platforms: attacks on one
tenant impact all other tenants
Source: Akamai
20% of DDoS attacks last over 5 days
The longest attack in 2015 lasted 64 days
Lightning Often Strikes More Than Twice
50% of North American and European
companies have been attacked
• 83% of companies attacked repeatedly
• Star Trek Online (STO) – 3 times, Sept '15
• Neverwinter Online – 3 times, Sept '15
• 54% attacked 6+ times annually
• Rutgers Univ – 6 times in 2015
• 25% experienced theft of data or funds
• U.S. FTC has reached settlements with 50+
companies over poor data security practices
Source: Akamai
Losses greater than 30,000 records
Source: Neustar and The Ponemon Institute
Where Are the Attacks Taking Place?
The 7 Layers of the OSI Model
Session attacks typically defeat
conventional firewalls
Source: Akamai
Infrastructure-layer DDoS attacks
outnumber application-layer attacks 9-to-1
Source: Akamai
• 88% of application-based attacks came
over HTTP
• 15% of organizations reported attacks
targeting Web application login pages
on a daily basis
• UDP fragments becoming the largest
portion of network layer attack traffic
Source: Akamai
Significant Attack Vectors Have Emerged
The Simple Service Discovery Protocol (SSDP)
- Top Infrastructure-based Attack Vector
SSDP comes pre-enabled on millions of
devices – routers, media servers, web cams,
smart TVs, printers, automobiles
Allows devices to discover each other on a
network, establish communication, coordinate
activities
Attackers are armed with a list of vulnerable
devices; use them as reflectors to amplify a
DDoS attack
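A defender-side view of the reflection pattern described above, as an added example that is not part of the original slides: it scans flow records for unsolicited UDP replies from source port 1900 converging on one protected address. The address ranges, thresholds, the Flow record layout and the sample flows are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

SSDP_PORT = 1900
# Assumptions for this example: protected range and alert thresholds.
PROTECTED = ipaddress.ip_network("203.0.113.0/24")
WINDOW_S = 10         # sliding window over which replies are aggregated
SOLICIT_TTL_S = 5     # how long an outbound SSDP query justifies replies
MIN_REFLECTORS = 5    # distinct reply sources needed to alert
MIN_BYTES = 2000      # unsolicited reply bytes needed to alert


@dataclass(frozen=True)
class Flow:
    ts: float
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    nbytes: int


def is_protected(ip):
    return ipaddress.ip_address(ip) in PROTECTED


def detect_ssdp_reflection(flows):
    """Return {victim_ip: details} for hosts receiving many unsolicited
    SSDP replies (UDP source port 1900) from many distinct sources."""
    last_query = {}              # protected host -> time of its last SSDP query
    recent = defaultdict(list)   # victim -> [(ts, reflector, bytes)] in window
    alerts = {}
    for f in sorted(flows, key=lambda x: x.ts):
        if f.proto != "udp":
            continue
        # Outbound discovery from one of our hosts: remember it so the
        # replies that follow are not counted as unsolicited.
        if is_protected(f.src) and f.dport == SSDP_PORT:
            last_query[f.src] = f.ts
            continue
        if f.sport != SSDP_PORT or not is_protected(f.dst):
            continue
        asked = last_query.get(f.dst)
        if asked is not None and 0 <= f.ts - asked <= SOLICIT_TTL_S:
            continue  # reply to a recent query from this host
        window = [r for r in recent[f.dst] if f.ts - r[0] <= WINDOW_S]
        window.append((f.ts, f.src, f.nbytes))
        recent[f.dst] = window
        reflectors = {r[1] for r in window}
        total = sum(r[2] for r in window)
        if (f.dst not in alerts and len(reflectors) >= MIN_REFLECTORS
                and total >= MIN_BYTES):
            alerts[f.dst] = {"first_alert_ts": f.ts,
                             "reflectors": len(reflectors),
                             "bytes": total}
    return alerts


def build_sample_flows():
    """Constructed sample data using documentation address ranges."""
    flows = [
        # Normal LAN discovery: query to the SSDP multicast group, one reply.
        Flow(0.0, "203.0.113.10", 50000, "239.255.255.250", 1900, "udp", 130),
        Flow(0.2, "203.0.113.20", 1900, "203.0.113.10", 50000, "udp", 350),
        # Two stray replies to another host: below both thresholds.
        Flow(0.5, "192.0.2.7", 1900, "203.0.113.90", 40000, "udp", 300),
        Flow(0.6, "192.0.2.8", 1900, "203.0.113.90", 40000, "udp", 300),
        # TCP traffic that happens to use port 1900 is ignored.
        Flow(0.7, "192.0.2.9", 1900, "203.0.113.80", 443, "tcp", 900),
    ]
    # Six external devices reply to a host that never sent a query.
    for i in range(6):
        flows.append(Flow(1.0 + i * 0.1, f"198.51.100.{i + 1}", 1900,
                          "203.0.113.80", 80, "udp", 400))
    return flows


if __name__ == "__main__":
    for victim, info in detect_ssdp_reflection(build_sample_flows()).items():
        print(victim, info)
```

SSDP is a local-network discovery protocol, so replies from Internet sources on UDP source port 1900 are rarely legitimate at a network edge, which is why filtering that traffic upstream is a common control.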
SSDP accounted for more than 20% of attack vectors in 2015
Attackers Quickly Strike Back
Attackers are continually developing new attack
vectors that defeat mitigation tools
They respond in days / hours after mitigation tools
are deployed
Meaning businesses face two chief challenges:
• The increasing complexity of security, i.e.
multi-pronged nature of the attacks
• Speed at which attackers adapt to new
mitigation tools
Compromise Takes Minutes, Discovery Takes Longer
Source: Radware
The cost of DDoS attacks
• Average $40K per hour
• 32% of companies would
lose over $100K revenue
per hour of attack
• 11% of US companies would
lose $1 Million+ revenue
per hour of attack
Source: Neustar
1 in 5 companies were told of attacks by
customers, partners, other 3rd parties
Required Detection: Encrypted/Non-Volumetric Attacks
• Envelope Attacks – Device Overload
• Directed Attacks – Exploits
• Intrusions – Mis-Configurations
• Localized Volume Attacks
• Low & Slow Attacks
• SSL Floods
Required Detection: Application Attacks
• Web Attacks
• Application Misuse
• Connection Floods
• Brute Force
• Directory Traversals
• Injections
• Scraping & API Misuse
Required Detection: Volumetric Attacks
• Network DDoS
• SYN Floods
• HTTP Floods
Fight Back – Advice #1
Don’t assume your company is not a target
Bake DDoS mitigation into your business
resiliency planning
Understand that no two DDoS attacks are
exactly alike
Ensure buy-in from ALL C-suite executives
Fight Back – Advice #2
Protecting your data is not the same as
protecting your business
Also review your current investments in
system integrity and operational
availability
Then gauge the increase required to
ensure appropriate protection
Fight Back – Advice #3
You can’t defend against attacks you can’t
detect
Understand your vulnerabilities in today’s
distributed environments
Fight Back – Advice #4
Evaluate DDoS protection solutions
Consider a hybrid approach of layered
DDoS defenses: always on, on-premise
hardware blocking plus cloud-based traffic
scrubbing
Fight Back – Advice #5
Know your limitations
Enlist specialists that have the expertise
to help you fight and win
> Submit your question via webinar
chat box
> Email the Event Moderator post-
event
– If we can’t get to your question on the
call, we’ll respond promptly via email:
Sue.Lawrence-Longo@tierpoint.com
Webinars On Demand…
> Visit our website to view any of our previous webinars on demand
(Resources > Library > Webinars):
– Cloud Security Myths
– When Virtualization Meets Infrastructure: A Business Transformation Story
– BYOD: Is This Exploding Trend a Security Time-Bomb?
– How to Investigate Your Cloud Provider’s Security Capabilities
– How to Position Cloud ROI
– Mitigate Risk with Hybrid DR in the Cloud
– 7 Smart Metrics to Calculate Cloud ROI
– Cloud, Colo or Hybrid - Top 4 Considerations

Tierpoint webinar: Multi-vector DDoS attacks: detection and mitigation_Jan2016

  • 1. Multi-vector DDOS Attacks Detection and Mitigation Paul Mazzucco Chief Security Officer January 2016
  • 2. Key Reasons for Cyber Attacks Source: Hackmageddon Source: Hackmageddon 4 months later … December 2014
  • 3. DoS/DDoS Attacks New Cyber Weapon of Choice Cyber Attack Sophistication Is Increasing • Lower bandwidth attacks occur more frequently, last longer, evade detection - Overwhelm servers, take down site • Multi-vector campaigns - Booter services - Dark DDoS attacks (smokescreens) - Distract victims, other attacks infiltrate corporate networks - DDoS-as-a-Service business model - Botnets for hire, $6/month Source: Akamai Source: Akamai Source: Imperva
  • 4. The Industry Hit List Drivers: the rise of the Internet of Things, web vulnerabilities and botnet building Choice Targets • Competitive industries, e.g. gaming • SaaS platforms, e.g. healthcare data • Multi-tenant platforms: attacks on one tenant impact all other tenants Source: Akamai 20% of DDoS attacks last over 5 days The longest attack in 2015 lasted 64 days
  • 5. Lightning Often Strikes More Than Twice 50% of North American and European companies have been attacked • 83% of companies attacked repeatedly • Star Trek Online (STO) – 3 times, Sept ‘15 • Neverwinter Online – 3 times, Sept ‘15 • 54% attacked 6+ times annually • Rutgers Univ – 6 times in 2015 • 25% experienced theft of data or funds • U.S. FTC has reached settlements with 50+ companies over poor data security practices Source: Akamai Losses greater than 30,000 records Source: Neustar and The Ponemon Institute
  • 6. Where Are the Attacks Taking Place? The 7 Layers of the OSI Model Session attacks typically defeat conventional firewalls Source: Akamai Infrastructure-layer DDoS attacks outnumber application-layer attacks 9-to-1 Source: Akamai
  • 7. Significant Attack Vectors Have Emerged • 88% of application-based attacks came over HTTP • 15% of organizations reported attacks targeting Web application login pages on a daily basis • UDP fragments becoming the largest portion of network layer attack traffic Source: Akamai
  • 8. The Simple Service Discovery Protocol (SSDP) - Top Infrastructure-based Attack Vector • SSDP comes pre-enabled on millions of devices – routers, media servers, web cams, smart TVs, printers, automobiles • Allows devices to discover each other on a network, establish communication, coordinate activities • Attackers are armed with a list of vulnerable devices; use them as reflectors to amplify a DDoS attack • SSDP accounted for more than 20% of attack vectors in 2015
  • 9. Attackers Quickly Strike Back Attackers are continually developing new attack vectors that defeat mitigation tools They respond in days / hours after mitigation tools are deployed Meaning businesses face two chief challenges: • The increasing complexity of security, i.e. multi-pronged nature of the attacks • Speed at which attackers adapt to new mitigation tools
  • 10. Compromise Takes Minutes, Discovery Takes Longer Source: Radware The cost of DDoS attacks • Average $40K per hour • 32% of companies would lose over $100K revenue per hour of attack • 11% of US companies would lose $1 Million+ revenue per hour of attack Source: Neustar 1 in 5 companies were told of attacks by customers, partners, other 3rd parties
  • 11. Required Detection: Encrypted/Non-Volumetric Attacks • Envelope Attacks – Device Overload • Directed Attacks - Exploits • Intrusions – Mis-Configurations • Localized Volume Attacks • Low & Slow Attacks • SSL Floods
  • 12. Required Detection: Application Attacks • Web Attacks • Application Misuse • Connection Floods • Brute Force • Directory Traversals • Injections • Scraping & API Misuse
  • 13. Required Detection: Volumetric Attacks • Network DDoS • SYN Floods • HTTP Floods
  • 14. Fight Back – Advice #1 Don’t assume your company is not a target Bake DDoS mitigation into your business resiliency planning Understand that no two DDoS attacks are exactly alike Ensure buy-in from ALL C-suite executives
  • 15. Fight Back – Advice #2 Protecting your data is not the same as protecting your business Also review your current investments in system integrity and operational availability Then gauge the increase required to ensure appropriate protection
  • 16. Fight Back – Advice #3 You can’t defend against attacks you can’t detect Understand your vulnerabilities in today’s distributed environments
  • 17. Fight Back – Advice #4 Evaluate DDoS protection solutions Consider a hybrid approach of layered DDoS defenses: always on, on-premise hardware blocking plus cloud-based traffic scrubbing
  • 18. Fight Back – Advice #5 Know your limitations Enlist specialists that have the expertise to help you fight and win
  • 19. > Submit your question via webinar chat box > Email the Event Moderator post-event – If we can’t get to your question on the call, we’ll respond promptly via email: Sue.Lawrence-Longo@tierpoint.com
  • 20. Webinars On Demand… > Visit our website to view any of our previous webinars on demand (Resources > Library > Webinars): – Cloud Security Myths – When Virtualization Meets Infrastructure: A Business Transformation Story – BYOD: Is This Exploding Trend a Security Time-Bomb? – How to Investigate Your Cloud Provider’s Security Capabilities – How to Position Cloud ROI – Mitigate Risk with Hybrid DR in the Cloud – 7 Smart Metrics to Calculate Cloud ROI – Cloud, Colo or Hybrid - Top 4 Considerations
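
Slide 8 describes SSDP devices being used as reflectors, and slide 16 notes that you can't defend against attacks you can't detect. The following is an added example, not part of the webinar: it flags unsolicited SSDP replies (UDP source port 1900) arriving from many distinct sources at one protected host. The flow-record layout, the protected prefix, the thresholds and the sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

SSDP_PORT = 1900
INTERNAL = ip_network("192.0.2.0/24")  # assumed protected prefix (documentation range)
SOLICIT_WINDOW = 5.0   # assumed: seconds a reply may trail our own SSDP query
MIN_REFLECTORS = 3     # assumed: distinct sources per target before alerting

# Constructed flow records: (ts, src_ip, src_port, dst_ip, dst_port, proto, bytes)
SAMPLE_FLOWS = [
    (0.0, "192.0.2.10", 50000, "198.51.100.7", 1900, "udp", 130),   # our own query
    (0.4, "198.51.100.7", 1900, "192.0.2.10", 50000, "udp", 320),   # solicited reply
    (10.0, "203.0.113.5", 1900, "192.0.2.80", 80, "udp", 1400),     # unsolicited
    (10.1, "203.0.113.6", 1900, "192.0.2.80", 80, "udp", 1400),
    (10.2, "203.0.113.7", 1900, "192.0.2.80", 80, "udp", 1400),
    (10.3, "203.0.113.5", 1900, "192.0.2.80", 80, "udp", 1400),
    (11.0, "203.0.113.9", 1900, "192.0.2.20", 4444, "udp", 300),    # lone stray reply
    (11.5, "203.0.113.9", 1900, "192.0.2.80", 80, "tcp", 60),       # not UDP, ignored
]


def detect_ssdp_reflection(flows):
    """Return {target_ip: {"reflectors": n, "bytes": total}} for likely reflection."""
    queries = {}  # (our_host, remote_host) -> time we last queried that remote
    hits = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for ts, src, sport, dst, dport, proto, size in sorted(flows):
        if proto != "udp":
            continue
        src_in = ip_address(src) in INTERNAL
        dst_in = ip_address(dst) in INTERNAL
        if src_in and dport == SSDP_PORT:
            queries[(src, dst)] = ts          # remember legitimate outbound discovery
        elif dst_in and not src_in and sport == SSDP_PORT:
            asked = queries.get((dst, src))
            if asked is not None and ts - asked <= SOLICIT_WINDOW:
                continue                      # reply to a query we actually sent
            hits[dst]["sources"].add(src)
            hits[dst]["bytes"] += size
    return {
        target: {"reflectors": len(h["sources"]), "bytes": h["bytes"]}
        for target, h in hits.items()
        if len(h["sources"]) >= MIN_REFLECTORS
    }


if __name__ == "__main__":
    for target, stats in detect_ssdp_reflection(SAMPLE_FLOWS).items():
        print(target, stats)
```

At an internet edge there is rarely a legitimate reason for SSDP to cross the boundary at all, so the same match (inbound UDP, source port 1900) is also a natural candidate for a drop rule once detection confirms it carries no wanted traffic.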