[January 26, 2016] |
|
Arbor Networks 11th Annual Worldwide Infrastructure Security Report Finds Relentless Threat Environment Driving Demand for Managed Security Services and Incident Response Support
Arbor
Networks Inc., the security division of NETSCOUT (NASDAQ: NTCT),
today released its 11th Annual
Worldwide Infrastructure Security Report (WISR) offering direct
insights from the global operational security community on a
comprehensive range of issues from threat detection and incident
response to staffing, budgets and partner relationships. For the first
time, nearly half of the respondents were from enterprise, government
and educational organizations, with service providers at 52 percent.
Arbor's long-standing customer relationships and reputation as a trusted
advisor and solution provider make this report possible each year.
This Smart News Release features multimedia. View the full release here:
http://www.businesswire.com/news/home/20160126005150/en/
"A constantly evolving threat environment is an accepted fact of life
for survey respondents," said Arbor Networks (News - Alert) Chief Security Technologist
Darren Anstee. "This report provides broad insight into the issues that
network operators around the world are grappling with on a daily basis.
Furthermore, the findings from this report underscore that technology is
only part of the true story since security is a human endeavor and there
are skilled adversaries on both sides. Thanks to the information
provided by network operators worldwide, we are able to offer insights
into people and process, providing a much richer and more vibrant
picture into what is happening on the front lines."
Top 5 DDoS Trends
-
Change in Attack Motivation: This year the top motivation was
not hacktivism or vandalism but 'criminals demonstrating attack
capabilities,' something typically associated with cyber extortion
attempts.
-
Attack Size Continues to Grow: The largest attack reported was
500 Gbps, with others reporting attacks of 450 Gbps, 425 Gbps and 337
Gbps. In 11 years of this survey, the largest attack size has grown
more than 60X.
-
Complex Attacks on the Rise: 56 percent of respondents reported
multi-vector attacks that targeted infrastructure, applications and
services simultaneously, up from 42 percent last year. 93 percent
reported application-layer DDoS attacks. The most common service
targeted by application-layer attacks is now DNS (rather than HTTP).
-
Cloud Under Attack: Two years ago, 19 percent of respondents
saw attacks targeting their cloud-based services. This grew to 29
percent last year and now to 33 percent this year - a clear upward
trend. In fact, 51 percent of data center operators saw DDoS attacks
saturate their Internet connectivity. There was also a sharp increase
in data centers seeing outbound attacks from servers within their
networks, up to 34 percent from 24 percent last year.
-
Firewalls Continue to Fail During DDoS Attacks: More than half
of enterprise respondents reported a firewall failure as a result of a
DDoS attack, up from one-third a year earlier. As stateful and inline
devices, firewalls add to the attack surface and are prone to becoming
the first victims of DDoS attacks as their capacity to track
connections is exhausted. Because they are inline, they can also add
network latency.
Top 5 Advanced Threat Trends
-
Focus on Better Response: 57 percent of enterprises are looking
to deploy solutions to speed the incident respnse processes. Among
service providers, one-third reduced the time taken to discover an
Advanced Persistent Threat (APT (News - Alert)) in their network to under one week
and 52 percent stated their discovery to containment time has dropped
to under one month.
-
Better Planning: 2015 saw an increase in the proportion of
enterprise respondents who had developed formal incident response
plans and dedicated at least some resources to respond to such
incidents, up from around two-thirds last year to 75 percent this year.
-
Insiders in Focus: The proportion of enterprise respondents
seeing malicious insiders is up to 17 percent this year (12 percent
last year). Nearly 40 percent of all enterprise respondents still do
not have tools deployed to monitor BYOD devices on the network. The
proportion reporting security incidents relating to BYOD doubled, to
13 percent from six percent last year.
-
Staffing Quagmire: There has been a significant drop in those
looking to increase their internal resources to improve incident
preparedness and response, down from 46 to 38 percent in this year's
results.
-
Increasing Reliance on Outside Support: Lack of internal
resources this past year has led to an increase in the use of managed
services and outsourced support, with 50 percent of enterprises having
contracted an external organization for incident response. This is 10
percent higher than within service providers. Within service
providers, 74 percent reported seeing more demand from customers for
managed services.
Survey Scope & Demographics
-
354 responses, up from 287 last year, from a mix of Tier 1 and Tier
2/3 service providers and hosting, mobile, enterprise and other types
of network operators from around the world.
-
Consistent with prior years, the majority of responses (52 percent)
came from service provider organizations.
-
For the first time in the 11-year history of this survey, nearly half
of responses (48 percent) came from other types of organizations
representing a more diverse view of different types of networks. This
is up from 40 percent in 2014 and 25 percent five years ago.
-
Enterprise organizations are very well represented, making up 38
percent of total respondents. The remaining non-service provider
respondents represent government (6 percent) and education (4 percent).
-
Data covers November 2014 through November 2015.
Additional Resources:
-
Download the full report here
(registration required).
-
Attend this webinar series for a deeper dive on the WISR key findings,
register here
for a deep dive on DDoS key findings; register here
for a deep dive on advanced threat key findings.
-
Visit the Arbor Networks blog
for a summary of key findings.
-
Download WISR infographics on the Arbor Networks Pinterest page.
-
Like us on Facebook and
follow @ArborNetworks on
Twitter (News - Alert) for more key findings.
About Arbor Networks Arbor Networks, the security division
of NETSCOUT, helps secure the world's largest enterprise and service
provider networks from DDoS attacks and advanced threats. Arbor is the
world's leading provider of DDoS protection in the enterprise, carrier
and mobile market segments, according to Infonetics (News - Alert) Research. Arbor's
advanced threat solutions deliver complete network visibility through a
combination of packet capture and NetFlow technology, enabling the rapid
detection and mitigation of malware and malicious insiders. Arbor also
delivers market-leading analytics for dynamic incident response,
historical analysis, visualization and forensics. Arbor strives to be a
"force multiplier," making network and security teams the experts. Our
goal is to provide a richer picture into networks and more security
context so customers can solve problems faster and reduce the risks to
their business.
To learn more about Arbor products and services, please visit our
website at arbornetworks.com or
follow on Twitter @ArborNetworks.
Arbor's research, analysis and insight, together with data from the
ATLAS global threat intelligence system, can be found at the ATLAS
Threat Portal.
Trademark Notice: Arbor Networks, the Arbor Networks logo and ATLAS
are all trademarks of Arbor Networks, Inc. All other brands may be the
trademarks of their respective owners.
View source version on businesswire.com: http://www.businesswire.com/news/home/20160126005150/en/
[ Back To TMCnet.com's Homepage ]
|