Partnering an MSSP to protect your business

The Internet is an indispensable part of today’s business landscape. Most companies would have, at the very least, a web presence to showcase their products and services. Others operate totally online, driving sales through web-based shopfronts or engaging customers through online services such as gaming, video streaming and social networking. With so much activity taking place on the web, the prevention of Internet crime presents a big challenge to businesses today.

Internet crime can come in different forms. For example, in distributed denial of service (DDoS) attacks, hackers use infected machines and devices to bombard a web site, rendering it inaccessible to legitimate users. One such attack took place in October last year when an assault on domain name system company DYN took down popular services such as Netflix, Twitter and PayPal.

Other common cyber threats include data breaches where attackers target vulnerabilities to gain access into systems and steal data; hacktivism, a cyber-attack movement in which computer network hacking is motivated by social activism or political protest; and defacement, where hackers gain administrative access to a website and can replace its content.

Such attacks not only result in revenue loss; they can also cause damage to brand reputation and undermine both customer loyalty and investor confidence. Research firm Cybersecurity Ventures has projected1 that the cost of cybercrime could reach US$6 trillion by 2021, compared to an estimated US$3 trillion in 2015. The figure takes into account all possible damages associated with cybercrime activities including theft of data and intellectual property, fraud, lost productivity, reputational harm, post-attack disruption and the restoration of hacked data and systems.

There is no single piece of software or hardware, or any one-dimensional service, that is able to protect a business against cyberattacks. An effective cybersecurity strategy has to involve a multi-layered approach involving multiple web security tools.

For example, DDoS protection and mitigation tools help prevent attackers from taking down web sites or servers in a DDoS attack. The tools act as filters, letting good traffic through while diverting undesirable traffic into a “black hole” to prevent them from hitting the servers.

Another set of tools known as web application firewalls inspect and filter incoming and outgoing HTTP traffic, blocking attacks such as SQL injection and cross-site scripting where hackers exploit web application security flaws to introduce malicious code or content.

To prevent users from being diverted to bogus sites in phishing attacks, domain name system security extensions have to be applied to make sure that end users connect to the actual web site that corresponds to a particular domain name.

While businesses are becoming more aware of the consequences of a cyberattack and may have heard about the tools that they need to protect themselves, the reality is that most will not have all the resources they need to handle cybersecurity in-house.

Often, the Internet security strategies that they have adopted are no longer effective because Internet threats keep changing, attackers get more creative, and the magnitude of attacks is growing.

According to Akamai’s latest State of the Internet Security Report, there was a 44 per cent increase in SQL injection attacks in Q4 2106 compared to the same quarter the previous year, and a 140  per cent increase in DDoS attacks over 100 Gbps. To set this in context, a report2 in InfoWorld noted that a 1 Gbps DDoS attack “is enough to take most organisations offline completely”.

Against this onslaught of attacks, many businesses are “sitting ducks”. In a white paper on “Strategies for Cyber-Attack Protection”, Akamai noted that businesses often plan their investments months in advance while cyber threats change daily and require immediate action. It is also very difficult to hire, train and retain security expertise.

Recognising these limitations, many businesses are now opting to go with a managed security service provider (MSSP) who will be able to work out the most effective web security strategy for their enterprise.

An MSSP helps assess and maintain the breath of solutions required for a multi-layered approach to security, and can adapt quickly to rapidly changing cyber threats, business requirements and industry trends. Most businesses, on the other hand, have to contend with other demands and will be hard-pressed to devote the necessary effort to cybersecurity.

The MSSP also provides services such as always-on security monitoring, ongoing assessment and maintenance of security solutions, saving businesses the expense of building and maintaining a 24/7 security operations centre and hiring web security experts. 

But perhaps the most compelling reason for going with an MSSP is that the service provider is able to provide businesses with a bird’s eye view of the threat landscape and have up-to-the-minute knowledge of the latest attack vectors and toolkits, as well as the expertise to develop counterattack measures on the fly during attacks.

Today, cyberattacks are no longer a matter of “if” but “when”, and Internet security has become a critical aspect of running an online business.

In countering cyber threats, it is important to recognise that network security technology alone cannot stop attacks, given the speed at which threat vectors and toolkits are evolving.

A managed web security service, delivered by an MSSP staffed with experienced cybersecurity professionals and equipped with state-of-the-art technologies, should thus be an indispensable part of a proactive online security strategy that will help businesses stay one-step ahead of the cybercriminals.

Footnotes:

1. http://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ 
2. http://www.infoworld.com/article/3156344/internet/2017-widespread-sdn-adoption-and-ddos-attack-mitigation.html