Absence of anti-DDoS protection putting business-critical systems at risk: survey

Published: Friday, 08 April 2016 08:20

The results of a survey conducted by Kaspersky Lab and B2B International show that a quarter of companies risk losing access to business-critical systems because there is no anti-DDoS protection in place.

More than half of companies believe that investing in protection against DDoS attacks is justified, and roughly the same number of respondents think anti-DDoS protection is an important cybersecurity requirement for their infrastructure. For telecoms and financial companies, the figures were 82 percent and 78 percent respectively.

However, in spite of this, a significant number of companies either do not use this type of protection (24 percent), or apply it only partially (41 percent). It turns out that just 34 percent of companies are fully protected against this widespread threat. Interestingly, the majority of companies with absolutely no anti-DDoS protection belong to the ‘group of risk’, i.e. those industries attacked most frequently: the media (36 percent), healthcare and education (both 31 percent).

The survey also revealed that 25 percent of companies cited the stability of business-critical systems as one of their priorities, but only 15 percent intend to implement anti-DDoS solutions in the near future. At the same time, databases, email, websites and other online services whose operation is critical for almost all companies, can easily be disrupted by even the most unsophisticated attack. It is no surprise that, according to the survey, a single DDoS attack may cost a company more than $400,000 due to disruption of business processes and the costs of recovery, fines, restoring reputation and so on.

Russ Madley, Head of B2B, Kaspersky Lab comments: “It’s important to take DDoS attacks seriously as they can be just as damaging to a business as any other cybercrime, especially if used as part of a bigger targeted attack. The ramifications caused by these types of attacks can be far-reaching and very impactful as they’re able to reach deep into a company’s internal systems. Organizations must understand that protection of the IT infrastructure requires a comprehensive approach and continuous monitoring, regardless of the company’s size or sphere of activity.”

More details about the survey.