DDoS attacks: An operational risk that should be included in enterprise risk assessments and business continuity plans

No photo availableByStaff Writer
4 min read

“The current financial realities are driving organisations to place IT security in both their operational and financial planning in order…

Today’s enterprises are increasingly motivated to formalise their IT security
Today’s enterprises are increasingly motivated to formalise their IT security and place it firmly within the context of their enterprise risk management and business continuity planning.

“The current financial realities are driving organisations to place IT security in both their operational and financial planning in order to manage rising costs. We are especially seeing this in the African region where IT resources are either stretched or skills are not available,” says Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.

Yet, at the same time, he explains, organisations must focus on providing adequate resources to address financially, regulatory and reputation-driven security priorities, and incorporate all pertinent risk factors into their organisational security model. “It’s a necessary and important factor for businesses to realise,” he adds.

A white paper by Arbor Networks, Keeping the Lights On, highlights that the abstract nature of risk management and business continuity planning can often make these processes daunting to planners and IT security professionals alike.

The paper states, “In most cases, business continuity plans include detailed policies and procedures for keeping operations running in the wake of natural disasters such as fire, floods and earthquakes. But rarely do they incorporate contingencies for IT security incidents. This is a major oversight. Security incidents often have a negative impact on business operations – resulting in significant operational expenditure (opex) costs, lost revenues, customer satisfaction challenges and an erosion in brand reputation. As a result, IT security issues constitute significant business risks, which place them squarely within the realm of business continuity planning and disaster recovery.”

Service availability is easily the most critical aspect of a company’s security – it is also a quantifiable aspect of security. “Companies can thus calculate the reputational and business costs of a cyber attack downtime for e-commerce sites, financial services, customer support applications, content delivery systems and brick-and-mortar online reference sites,” says Hamman.

The white paper illustrates how the impact of loss of service availability goes beyond financials for organisations and highlights the following business aspects to consider:

  • Operations: How many IT personnel will be tied up addressing the attack?
  • Help desk: How many more help desk calls will be received, and at what cost per call?
  • Recovery: How much manual work will need to be done to re-enter transactions?
  • Lost worker output: How much employee output will be lost?
  • Penalties: How much will have to be paid in service level agreement (SLA) credits or other penalties?
  • Lost business: How much will the ability to attract new customers be affected? What is the full value of those lost customers?
  • Brand and reputation damage: What is the cost to the company brand and reputation?

“Organisations need to become au fait with distributed denial of service (DDoS) attacks as these target the availability and utility of computing and network resources. As the white paper states, if a DDoS attack against a Web server,
DNS server, e-mail server, application server or other online property is successful, the availability of the target of the attack is negatively impacted,” continues Hamman.

According to the white paper, DDoS attacks are typically launched by botnets, which are collections of compromised computers utilised by attackers without the knowledge of their legitimate owners. Hundreds of millions of botted computers are on the Internet and enterprise networks today. They represent a major threat to organisations with an online presence due to the near-infinite computing power and bandwidth available to attackers who leverage botnets to launch DDoS attacks.

“DDoS attacks are an element of operational risk, however businesses must be aware that traditional security solutions, such as firewalls and intrusion prevention systems, do not mitigate the operational risk of DDoS attacks. Businesses also simply cannot decide not to have an online present, not in today’s business market. Arbor Networks’ premise- and cloud-based availability protection solutions have been specifically created to enable organisations to successfully mitigate the operational risk represented by DDoS attacks.”

As the white paper concludes, “the design, deployment and operation of such solutions are key to ensuring that business continuity planning takes into account the ‘man-made disaster’ of DDoS attacks, and helping to ensure that the availability of mission-critical public-facing properties is protected even in the face of determined DDoS attacks.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co