NETSCOUT Arbor Publishes 13th Annual Worldwide Infrastructure Security Report
Today we are pleased to release our thirteenth annual Worldwide Infrastructure Security Report (WISR). The report offers direct insights from network, security, and operations professionals at global network operators including service provider, cloud and enterprise organizations. The report covers a wide range of topics, from DDoS attacks to key organizational issues such as incident response training, staffing and budgets. Its focus is on cyber threats, risks, and strategies to address them.
Trends to Watch
Looking at the data this year we see a few clear trends. Firstly, DDoS attacks continue to be a major challenge for all types of network operators. While other threats such as advanced persistent threats and malicious insider are top of mind, they actually are experienced less frequently. Service providers reported DDoS as being both the top experienced threat and concern for the coming year. Enterprises rated ransomware as the top threat but ranked DDoS a close second.
The second trend that emerged this year was increased complexity in the nature of the DDoS attacks experienced. Modern botnets and DDoS for hire services now commonly combine multiple attack vectors such as volumetric packet floods, state exhaustion, and application-layer attacks in a single campaign. This complexity combined with the overall increase in the total number of DDoS attacks witnessed are causing serious consequences for the targets and victims. Networks operators cite increasing customer visible outages, revenue impacting incidents, and customer churn among other impacts. Another less obvious consequence is the employee churn that is especially challenging in an environment where there is already a global shortage of qualified security personnel.
The third trend we see is that these consequences are driving greater demand for solutions to mitigate both risk and damage. Service providers are seeing increased demand for DDoS mitigation services and also using automation to improve response time in this competitive environment. Enterprises are not only embracing seeking mitigations services but also embracing hybrid solutions which include on premise detection and mitigation.
Now, more than ever, business and commerce simply cannot exist without robust internet infrastructure that is continuously available. Even recreation and socialization depend on the internet to deliver information and services. It is this environment that simultaneously enables our modern lifestyle and work routines while also putting them at risk from those who would exploit this ubiquitous availability for nefarious purposes. We hope you find the information in this report useful for assessing risk and protecting your business.
You can download the report here. Keep an eye out for additional blog posts on the report’s key findings coming in the next few weeks.