Many organizations lack direction on cyber security

Dearth of knowledge, protection is putting them at risk for attack, says Kirill Ilganaev.

Despite all the attention now focused on cyber security, a large number of organizations say they are not sure they know the most effective protection strategy to combat these types of attacks.

This lack of knowledge and protection “is putting businesses across the globe at risk of grinding to a halt,” according to the new Corporate IT Security Risks survey from Kaspersky Lab.

The study found that 39 percent of organizations acknowledge that they not confident that they have adequate IT security safeguards in place.

“DDoS attacks in particular can quickly incapacitate a targeted business’s workflow, bringing business-critical processes to a stop,” the study noted. However, the research found that 16 percent of businesses are not protected from DDoS attacks at all, and 49 percent rely on built-in hardware for protection.

“This is not effective against the increasing number of large-scale attacks and ‘smart’ DDoS attacks which are hard to filter with standard methods,” the report added.

In many cases, organizations assume that they’re already protected from these types of attacks, but that confidence is often misplaced.

Some 40 percent of the organizations surveyed fail to put measures in place because they believe that their Internet service provider (ISP) will provide protection. The survey found that 30 percent believe that their data center or infrastructure partners will protect them.

“The reality is that these organizations mostly protect businesses from large-scale or standard attacks, while ‘smart’ attacks, such as those using encryption or imitating user behavior, require an expert approach,” the study explains.

Perhaps most surprisingly, the survey found that nearly a third of organizations fail to take action because they think they are unlikely to be targeted by DDoS attacks. Some 12 percent even acknowledge that they believe that a small amount of downtime because of DDoS would not cause a major issue for the company.

“The reality is that any company can be targeted because such attacks are easy for cybercriminals to launch. What’s more, the potential cost of a single attack can be in the millions,” according to the report.

“As we’ve seen with the recent attacks, DDoS is extremely disruptive, and on the rise,” says Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “When hackers launch a DDoS attack, the damage can be devastating for the business that’s being targeted because it disables a company’s online presence. As a result business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined.”

“Online services and IT infrastructure are just too important to leave unguarded,” Ilganaev continued. “That's why specialized DDoS protection solution should be considered an essential part of any effective protection strategy in business today.”

More for you

Loading data for hdm_tax_topic #care-team-experience...