How firms can fend off vulnerabilities on a globally distributed network

What is the significance of the recent uptake of security applications and DNS services across the multiple threat vectors in different sectors? Which sectors are under maximum threat: financial, telecom or entertainment?
The domain name system (DNS) is one of the foundations of the internet, working in the background to match domains to corresponding IP addresses. When DNS fails, internet users cannot find the server hosting the website, rendering it completely unavailable. Naturally, this means that it is critical to protect DNS servers to ensure that websites, ecommerce platforms, and other internet functions are available to users and customers.

With the introduction of many new technologies and services reliant on the internet such as mobile apps, and travel and retail sites, we are seeing an increase in both frequency and magnitude of malicious attacks, some of which are perpetrated by sophisticated bots.

Finance and manufacturing are in the top five industries targeted by cyber criminals (12 per cent and 11 per cent respectively) according to an investigative report on data breaches conducted by Verizon. But, because the goal isn’t always monetary, the public sector (13 per cent), information services (12 per cent), education (6 per cent) and healthcare (5 per cent) are also popular targets.

What are some of the advanced security measures required to deliver a safe experience across streaming platforms, the gaming industry, and the live events support arena? What are some examples of this?
Having a globally distributed Edge network allows business’ key infrastructure and services to be protected against bad actors closest to where the attack originated from and as soon as it happens. No more waiting until an attack reaches the customer’s network perimeter. Attacks can be mitigated without disruption to key websites and web applications can be protected by applying new rules across the internet to prevent exploits to application vulnerability; virtual patching defends against zero-day incidents.

When our customer was hit with a huge 355 million packets per second attack last year, our global network was able to mitigate the attack at the source with no impact to the customer traffic. In the case of streaming services, the gaming industry and live events, there are several important systems to protect. We try to prevent bots attempting to gain access or to snatch game tickets before legitimate fans can purchase them.

Additionally, our secure network provides end-to-end encryption to ensure that content is delivered only to its intended audience. We prevent man-in-the-middle attacks, and we protect game console software downloads from interruption.

In terms of cybersecurity, what was 2022 like and what were the key takeaways?
In Q2 alone, cyberattacks increased by 72 and 109 per cent respectively. Organisations using artificial intelligence (AI) and automation had a 74-day shorter breach lifecycle, saving an average of $3m more than those without. Businesses should look out for solutions that can detect threats via AI and machine learning to learn and adapt to the latest threats. It should also be able to deploy security rules quickly and accurately.

Stolen or compromised credentials were the most common cause of a data breach. A lot of data transfer between devices and the cloud can be avoided thanks to edge computing technology. Consider moving your security to the edge of your network, to filter sensitive data locally and only send critical data model-building information to the cloud.

What is the safest way to remain protected in the face of cyberattacks?
To minimise the risk of a cyberattack enterprises must adopt a comprehensive approach – the right solutions, capabilities and processes. This is no longer optional. With the frequency and complexity of attacks increasing, we know it’s not a matter of “if,” but “when” the next attack will target any organisation.

Adopting a holistic security solution gives business leaders the best opportunity to thwart cyber criminals and ensure the confidentiality, integrity and availability of their data, application and infrastructure.

To mitigate zero day’s events means having the capability to quickly release custom virtual patching and have real time observability. Finally, having access to security architect or security analyst via a 24×7 security operation centre is paramount to ensure an organisation is fully protected.

What security features do organisations need to have on a globally distributed network to protect their businesses from vulnerabilities?
The threat landscape is constantly changing with the introduction of new technologies and attack vectors. Cybersecurity will be super important as in 2023 it is predicted that there will be more than 43 billion devices connected to the internet. The more connected devices we have, the more doors and windows we have that are potentially open to attackers.

As companies start maturing their cybersecurity awareness and programmes, it’s important to have proper investment in solutions and capabilities to not just prevent cyberthreats, but also detect and respond to them. For example, Edgio’s Content Delivery Network provides these important security solutions as part of its application security suite. Collectively known as Web Application and API protection, with an umbrella set of solutions that includes web application firewall, a bot manager, API protection and DDoS protection, businesses’ can effectively protect their online presence.

Adopting a holistic security solution gives business leaders the best opportunity to ensure the confidentiality, availability and integrity of their data and infrastructure. A comprehensive approach will ensure better intelligence, faster analysis and blocking, and faster zero-day containment.

Richard Yew is the senior director – Product Management Security at Edgio

Read: Did you know that a DDoS-for-hire attack can cost less than a used car?