Refocusing the private sector cybersecurity mindset

The reality remains that cybersecurity requires a security mindset to fundamentally address the threats and vulnerabilities at their core.

Illustration of a Distributed Denial of Service (DDOS) attack. (Via Wikipedia)

WASHINGTON, July 20, 2013 — Based on client surveys, a report released this past week by a leading cybersecurity firm reveals some startlingly dismal numbers on the breadth and increasing scope of cyber attacks. The report was issued by Prolexic Technologies, a Florida-based technology provider of distributed denial of service protection services that is now a part of cloud platform giant Akamai.

Specifically, the report found a dramatic uptick in the frequency and significance of distributed denial of service (DDoS) attacks. A DDoS attack, in essence, seeks to overwhelm computer servers with illegitimate visit requests, rendering websites unviewable to legitimate visitors.

As the report notes,

“… the average packet-per-second (pps) rate reached 47.4 Mpps and the average bandwidth reached 49.24 Gbps based on data collected in Q2 2013,” adding, “These metrics, representing increases of 1,655 percent and 925 percent respectively compared to Q2 2012.”

“This quarter we logged increases for all major DDoS attack metrics, and some have been significant. DDoS attacks are getting bigger, stronger and longer,” said Stuart Scholly, president at Prolexic. “We believe this growth is being fueled by the increasing prevalence of compromised Joomla and WordPress web servers in increasingly large botnets.”

Published by KPMG, one of the largest professional services companies in the world, a May report entitled “Cyber threat intelligence and the lessons from law enforcement” paints a stark picture of private sector firms’ and organizations’ failure to properly understand the cybersecurity world. The result is a marked inability to address their significant vulnerability to such attacks.

KPMG notes, “As adversary sophistication increases, many organizations react when it is too late – the attack is underway. Few organizations have the capability to anticipate cyber threats and implement preventative strategies, despite prevention being more cost effective and customer focused.”

Essentially, a significant number of organizations have a fundamentally flawed (or ineffective) approach to cybersecurity. Such ill-equipped organizations need to heed the lessons learned by law enforcement and intelligence agencies that have been dealing with these types of threats for substantially longer periods of time and with greater focus.

According to KPMG, organizations need to stop playing catch-up and “create an intelligence-led mindset.” Following an initial shift in organizational thinking and threat perception, firms will need to migrate strategies to be built on “intelligence operating models” to achieve, “an intelligence-led decision-making process.”

The reality remains that cybersecurity requires a rigorous security mindset to fundamentally address the threats and vulnerabilities at their core. This kind of methodology is similar in many ways to the “OODA Loop,” a military operations strategic thinking protocol whose acronym stands for “Observe, Orient, Decide and Act.”

Until the reality of the new cybersecurity environment sinks in for private sector CIOs and IT professionals, including a substantial shift in the business management mindset, firms and organizations will remain susceptible to serious cybersecurity threats. In a world where myriad threats evolve as fast as technology itself, it is no longer possible to maintain a “business as usual” mindset. Constantly playing reactive catch-up when it comes to cybersecurity is and will remain a futile effort, the equivalent of combating threats with one arm tied behind one’s back.


Follow Tim’s updates on Twitter @CyberTimbo.

Prolexic, now a part of Akamai, is the world’s largest and most trusted distributed denial of service (DDoS) mitigation service provider. Prolexic successfully blocks the biggest and most complex DoS and DDoS denial of service attacks that often overwhelm other vendors.

Copyright 2014 Communities Digital News

Timothy W. Coleman
Timothy W. Coleman is a writer, analyst, and a technophile. He co-founded two security technology startup firms, one of which was selected as Entrepreneur Magazine’s “100 Most Brilliant Companies.” Tim started off on Capitol Hill, worked on a successful U.S. Senate campaign, and subsequently joined a full-service, technology marketing communications firm. Previously, he was an intelligence analyst for a DC-based service providing global intelligence and forecasting from former CIA, U.S. intelligence and national security officers. Currently, he is the Editor-at-Large for Homeland Security Today. Tim completed his B.A. from Georgetown University, an M.B.A. in Finance from Barry University, a Graduate Studies Program at Singularity University at NASA Ames Research Center, and a Master’s of Public and International Affairs with a major in Security and Intelligence Studies at the University of Pittsburgh. Tim volunteers and serves as a member of the board of directors at the Lint Center for National Security Studies. Read more about Tim here and follow him on Twitter @timothywcoleman.