As the type, quantity and complexity of data collected by companies increases, organisations face significant challenges in securely gathering and storing information. The free movement of data across borders, through public and corporate networks, has made it particularly difficult to safeguard this information and protect it against security breaches. Fragmented legislative environments across Asia make data protection harder, with governments finding it difficult to create harmonious regulations covering data usage or provide consistent guidance on how to deal with security breaches. While regulation will take some time to catch up, companies can partly address this by taking the lead in disclosing data security breaches…
The data centre perimeter is dead. But its memory lives on in the way many IT departments continue to secure their infrastructure. The meteoric rise of the Internet brought with it an ever-changing landscape of new attacks and completely disrupted organisations’ old models of guarding their IT infrastructure. Previously, information assets that needed protection all resided in a fortress that IT con- trolled, namely a secured data centre. Attacks typically came from outside the data centre’s four walls or from insiders abusing their privileges. Companies placed protections, such as firewalls, at the border crossings and guarded against inside attacks through strict roles and access privileges…
In a remarkably short time, websites have become an incalculably valuable part of doing business. They have redefined how enterprises are run and not only through e-commerce. Companies use Web sites to interact with customers, partners, and suppliers; they are also increasingly shifting mission critical processes to the Web for better resource allocation and cost efficiency. The business models of some companies—SaaS vendors, cloud service providers, and social media purveyors—are predicated on reliable Web site uptime. Thanks to these new business models and activities, organizations also have a much broader awareness of how critical Web services are…
In the sad but true files, the security industry has become increasingly focused on advanced malware, state-sponsored attackers, and 0-day attacks — to the exclusion of everything else. A stroll around any security conference floor makes that immediately obvious. Which is curious, because ‘advanced’ attackers are simply not a factor for the large majority of companies. It is easy to forget that most compromises start with attacks against poorly coded and brittle web sites. Many high-profile attacks target unsophisticated employees with crafty phishing messages, but we cannot afford to forget that if an attacker can gain presence via a website they will…
The advent of the Internet has resulted in an ever-expanding data ecosystem. Unfortunately, this has also led to an increase in data breaches and identity theft. While attackers are still motivated by crime (to gain money), politics (to gain power and influence), and espionage (to gain market advantage), they also want to steal your information and resources, change your messaging, and stop or disrupt your online activity. A successful data breach through an attack on web applications is one of the strongest weapons in a cyber-criminal’s arsenal. Whether your data is at risk is not the only question. You should also consider how much risk a data breach…
Prolexic, now part of Akamai, has the world’s largest dedicated DDoS mitigation network, comprised of five scrubbing centres located strategically around the world. This network, together with, our peering techniques and strategic deployment of resources, enables us to effectively monitor and mitigate DDoS attack traffic in the cloud and closest to its source to provide in-depth DDoS intelligence. PLXsert (the Prolexic Security Engineering and Research Team) monitors malicious cyber threats globally and analyzes these attacks using research, digital forensics and post-event analysis to build a global view of security threats, vulnerabilities and trends…
As we discussed last year in Defending Against Denial of Service Attacks 1, attackers increasingly leverage availability-impacting attacks, both to cause downtime (which costs site owners money) and to mask other kinds of attacks — usually involving data theft. These availability-impacting attacks are better known as Denial of Service (DoS) attacks. Our research has identified a number of adversaries who increasingly use DoS attacks, including…
Internet security challenges are asking some tough questions of organisations in APAC countries, according to a poll conducted by IDG Connect for Akamai that is the basis for this White Paper. The online research covered decision-makers and executives at mid-sized and larger organisations (250-plus staff) in India, the Philippines, South Korea, Thailand, Australia, Singapore, Japan, Hong Kong and Taiwan…
