Refocusing the private sector cybersecurity mindset

A new report reveals some startlingly dismal numbers on the breadth and increasing scope of cyber attacks. Photo: AP

WASHINGTON, July 20, 2013 — A report this past week surveying clients reveals some startlingly dismal numbers on the breadth and increasing scope of cyber attacks. The report was issued by Prolexic Technologies, a Florida-based technology provider of distributed denial of service protection services.

Specifically, the Prolexic Technologies report found a dramatic uptick in the frequency and significance of distributed denial of service (DDoS) attacks. A DDos attack, in essence, seeks to overwhelm computer servers with illegitimate visit requests, rendering websites unviewable to legitimate visitors. 

As the report notes, “the average packet-per-second (pps) rate reached 47.4 Mpps and the average bandwidth reached 49.24 Gbps based on data collected in Q2 2013,” adding, “These metrics, representing increases of 1,655 percent and 925 percent respectively compared to Q2 2012.”

“This quarter we logged increases for all major DDoS attack metrics, and some have been significant. DDoS attacks are getting bigger, stronger and longer,” said Stuart Scholly, president at Prolexic. “We believe this growth is being fueled by the increasing prevalence of compromised Joomla and WordPress web servers in increasingly large botnets.”

A May report titled ‘Cyber threat intelligence and the lessons from law enforcement’ published by KPMG, one of the largest professional services companies in the world, paints a stark picture of the private sector firms and organizations’ failure to properly understand the cybersecurity world. This shortcoming has resulted in an inability to address the significant vulnerability to such attacks.

KPMG notes, “As adversary sophistication increases, many organizations react when it is too late – the attack is underway. Few organizations have the capability to anticipate cyber threats and implement preventative strategies, despite prevention being more cost effective and customer focused.”

Essentially, organizations have a fundamentally flawed (or ineffective) approach to cybersecurity. Such ill-equipped organizations need to heed the lessons learned from law enforcement and intelligence agencies that have been dealing with these types of threats for substantially longer and with more focused efforts.

According to KPMG, organizations need to stop playing catch-up and “create an intelligence-led mindset.” Following an initial shift in organizational thinking and threat perception, firms will need to migrate strategies to be built on “intelligence operating models” in order to achieve, “an intelligence-led decision-making process.”

The reality remains that cybersecurity requires a security mindset to fundamentally address the threats and vulnerabilities at their core. This is, in many regards, similar to the military operations concept for strategic thinking called the OODA Loop, which stands for Observe, Orient, Decide and Act.

Until the reality of the cyber-operating environment sets in for private sector organizations and a substantial shift in the business management mindset occurs, firms and organizations will remain susceptible to cybersecurity threats. It cannot remain ‘business as usual’ in a world where threats evolve as fast as the technology does. Constantly playing catch-up in the cyber realm will remain a futile effort equivalent to combating threats with a critical arm tied behind ones back.

Follow Tim’s updates on Twitter @CyberTimbo.


This article is the copyrighted property of the writer and Communities @ WashingtonTimes.com. Written permission must be obtained before reprint in online or print media. REPRINTING TWTC CONTENT WITHOUT PERMISSION AND/OR PAYMENT IS THEFT AND PUNISHABLE BY LAW.

More from Business Browser
 
blog comments powered by Disqus
Timothy W. Coleman

Timothy W. Coleman is a writer, analyst, and a technophile. He primarily focuses on international affairs, security, and technology matters, but Tim has a keen interest in history, politics and archeology, having visited more than 20 Mayan ruins in Central America alone.

Tim started off on Capitol Hill, worked on a successful US Senate campaign, and subsequently joined a full-­‐service, technology marketing communications firm. He has co-­‐founded two technology startup firms, is a contributing editor at intelNews.org and he is an intelligence analyst at the Langley Intelligence Group Network (LIGNET.com) where he specializes in aerospace, naval, and cyber security analysis.

Coleman completed his BA from Georgetown University, an MBA in Finance from Barry University, a Graduate Studies Program at Singularity University at NASA Ames, and a Master’s of Public and International Affairs with a major in Security and Intelligence Studies at the University of Pittsburgh.

Coleman volunteers and serves as a member of the board of directors at the Lint Center for National Security Studies. 

 

Contact Timothy W. Coleman

Error

Please enable pop-ups to use this feature, don't worry you can always turn them off later.

Question of the Day
Featured
Photo Galleries
Popular Threads
Powered by Disqus