Firms Must Adapt Quickly to Evolving Cyber-Threats

By Samuel Greengard | Posted 2016-03-04

1 of

Firms Must Adapt Quickly to Evolving Cyber-Threats

Companies need to adapt quickly to the evolving threat landscape, in which attackers are using new and evasive techniques to avoid detection and mitigation.
Widespread Attacks

More than 90% of the respondents reported experiencing attacks in 2015, while the remainder said they had not experienced any of the attacks covered in the survey.
Worsening Situation

In 2015, several industries faced consistent levels of threat, while both education and hosting services moved from "medium" to "high" risk.
Safeguarding Access

More than 60% of respondents said their organization is "very well" or "extremely" prepared to safeguard against unauthorized access and worm and virus damage.
Facing Persistent Threats

Despite basic protections, 60% said that they are only "somewhat" or "not very prepared" to combat advanced persistent threats (APTs) and information theft.
Denying DDoS

For distributed denial of service (DDoS) attacks, rated the No. 1 threat, respondents split almost evenly between prepared and not prepared to protect against these attacks.
Gaps Proliferate

One-third of respondents cited a volumetric/pipe saturation weakness, and another quarter cited vulnerability to network and HTTPS/SSL attacks.
Significant Slowdowns

About half of the respondents said that while their organization was able to thwart complete outages, they experienced significant slowdowns as a result of attacks.
Ransom Is Real

Ransom attacks increased from 16% in 2014 to 25% in 2015. In addition, just over a third of respondents experienced ransom or SSL/TLS-based attacks.
Burst Attacks Increase

Burst attacks are increasing. More than half of the three biggest attacks experienced in 2015 lasted one hour or less—up from 27% in 2014.
Multi-Pronged Approach

91% of the survey respondents use multiple solutions to combat cyber-attacks, and only 6% use only one solution.
Many Use a Hybrid Approach

In 2015, 41% of the survey participants indicated that its company utilizes a hybrid solution. That's up from 21% the previous year.
View All Slideshows >

The frequency and intensity of cyber-attacks are on the rise, and there's no indication that this situation will improve anytime soon. More frightening: No company is immune, and few are fully prepared. A new report from application delivery and security solutions provider Radware, "Global Application & Network Security Report 2015-2016," illuminates the extent of the problem, as well as how organizations are attempting to deal with cyber-security issues ranging from advanced persistent threats (APTs) to distributed denial of service (DDoS) attacks. "Security attacks are becoming more complex," the study points out. "Motives, means and effectiveness of security attacks are on the rise. [There's] the need for greater agility to adapt quickly to evolving threats." The study also identifies a number of key trends, including the emergence of multi-vector attack campaigns (APDoS). It warns: "Attackers are demonstrating more patience and persistence, leveraging 'low and slow' attack techniques that misuse application resources rather than those in network stacks. Attackers are using evasive techniques to avoid detection and mitigation, including SSL-based attacks and changing the page request in an HTTP page flood attack." Approximately 300 companies were surveyed.

Samuel Greengard writes about business and technology for Baseline, CIO Insight and other publications. His most recent book is The Internet of Things (MIT Press, 2015).