DDoS attacks are one of the most feared, and common, security threats that keep businesses and security professionals up at night, and for good reason.
The fear factor is there
The concept is clear (and scary) enough — using multiple devices and network connections to render the target resources unavailable. That can bring any influential website to its knees, and it has recently — just ask the BBC. All of its websites were knocked offline on New Year’s Eve by malicious hackers. And this nifty ‘Attack Map’ by Arbor Networks (in partnership with Google Ideas) illustrates just how much of a global problem the DDoS attack has become.
A global problem that’s just getting worse — Arbor Networks found DDoS attacks rose 149 percent over the previous quarter in its State of the Internet Q4 2015 report, and Verisign reports attacks have doubled in the past year, and the average size of the attack is only climbing.
The costs are there
It’s also well-documented just how expensive DDoS attacks are for the enterprise. In fact, for companies using protection such as firewalls, for every $200 million in revenue, the median annual business impact from these attacks is $3 million. Not exactly chump change.
But what is the risk?
OK, we get it. DDoS attacks are a prevalent, expensive threat — and a big risk that organizations take without the right proactive, protective measures in place.
But how big is the risk? In other words, sure, these attacks are going to cost me a lot of money, and they are happening at a pace like never before, but what are the chances that any business impact could happen to my organization?
According to recent Aberdeen Group research, Understanding Your Risk (For Real) From Distributed Denial-of-Service Attacks, the risk is quite significant. There’s a near 100% chance (95%, to be exact) that the annual business impact from a DDoS attack will be greater than $0, and, at its worst, a 5% chance that the business impact is as high as $50 million or more.
Trends in DDoS, and Risk, Explained
So where do organizations go from here? It all comes down to being able to talk about DDoS attacks in terms of this risk (especially when answering C-level questions) and not just getting caught up in the technical details, such as the how and why.
To help in this endeavor, Arbor Networks‘ Tom Bienkowski, and Aberdeen Group’s Derek Brink, Vice President and Research Fellow for Information Security, will be talking more about these latest trends in DDoS attacks, and insights to help address the two most important questions an organization must be able to answer about risk:
- What is our risk from DDoS attacks, under the status quo?
- How does an investment in additional DDoS protection services quantifiably reduce that risk?
The live webinar is entitled, “The Latest Trends in DDoS – How They Can Help Answer the C-Suite’s Questions About Risk and ROI,” and will be at 1 PM EDT, Tuesday, March 29, 2016. Even if you can’t make the time, we encourage you to register, as Aberdeen will be following up with an email link to the on-demand recording.