Businesses ‘Becoming Complacent’ Over Danger Of DDoS Attacks

F5 study reveals security concerns over DDoS are falling, despite the number of attacks being on the rise

The dangers posed by DDoS attacks are often going ignored in many businesses, a new survey has claimed.

A study by security firm F5 Networks has suggested that there is an element of complacency about DDoS attacks creeping into the thinking of senior management, as the threats have dropped out of the top three security concerns despite several industry studies showing that the attacks are on the rise.

Instead, senior management now appears more concerned about application data breaches, network attacks and malware, the survey, undertaken at the recent Infosecurity Europe 2015 show in London, posited.

Unaware?

DDoS

Despite this fall, the study did still find that 60 percent of respondents are worried about DDoS attacks targeting their organisation. And 39 percent of respondents said it is likely that their organisation has already been targeted.

Firewalls are the first line of defence it seems, as almost 40 percent of the organisations questioned said they are using a firewall to protect against DDoS attacks, with web application firewalls preferred by 26 percent of respondents. But investment in specific DDoS protection, either on or off premise, scored much lower, which is a worrying development.

And highlighting the fact that the overall security landscape has become more fraught nowadays, three quarters (76 percent) of respondents admitted that maintaining consistent security and availability policies have become harder in the last three years with the advent of the cloud, BYOD and other technology changes.

Changing Landscape

Meanwhile the survey also threw up some other data. For example, more than a quarter (27 percent) of respondents are looking to reap the benefits of SDN in the near future in their data centre, although 20 percent believe that SDN environments are more vulnerable to attacks

It also examined industry issues around the Internet of Things, SDN and the Investigatory Powers Bill, which will eventually see the security services getting even more surveillance powers in what many are calling a “turbo-charged snoopers’ charter”.

Fifty two percent of the security community is concerned about the Investigatory Powers Bill, with 32 percent citing worries around the government having more ‘big brother’ style powers.

Respondents (26 percent) were also concerned about data loss with the Internet of Things, and only 3 percent of respondents have no concerns around the Internet of Things.

“The results from the Infosecurity survey are concerning on a number of levels,” Gary Newe, F5 technical director. “I’m very surprised to see that DDoS attacks are no longer a top three concern for businesses, as attacks are still coming thick and fast with an ever increasing level of sophistication. Businesses must continue to invest in protecting themselves against attacks of this kind.”

“In terms of the broader industry points, it’s not altogether surprising that the security community is concerned about the Internet of Things and the Investigatory Powers Bill,” he added.“There is still a great deal of uncertainty in these areas and it will be crucial for the government and business community, including their security teams, to engage in the debates about the rollout of both.”

Are you a security pro? Try our quiz!