  • Guest Blog, Brian Foster: Cyber-security – don’t get caught out!

    Jack Wynn

    When running a business, finance and technology are often top of the list of concerns, so it’s surprising that cyber-security is often not considered a priority. Contemplate this: your business is up and running, you have the necessary finances, you’re scaling exponentially and technology is meeting that demand, and then the unexpected happens: your app is hacked, taking down your online business and, with it, the personal and private details of your trusting customers. The security of your business could make all the difference when it comes to a positive customer experience versus a damaging negative one.

    In fact, a recent Ponemon study (in collaboration with Neustar) revealed that the three main contributors to a poor online customer experience are: inaccurate content (91 per cent), website downtime (88 per cent) and overly simple identity and authentication procedures (75 per cent), and ultimately this will lead to distrust. These findings reflect the converging role that a brand’s marketing, IT and security groups must play to deliver a safe, trusted and seamless customer experience.

    As the cybersecurity landscape is constantly evolving, it is crucial for protection solutions to adapt to an attacker’s modus operandi. With this said, businesses, and specifically e-retailers, should take the following steps to ensure their IT infrastructure is an impenetrable fortress.

     

    Avoiding Domain Name System (DNS) Attacks

    Customers trying to access a brand’s website can often be hijacked to bogus pages where their logins, passwords and payment details are siphoned off, an attack commonly known as cache poisoning or DNS spoofing.

    To protect against this, businesses can create digital signatures that ensure DNS responses are identical to those from the authoritative server, providing protection against forged or manipulated data. Managed DNS services with hardened security features provide the most effective protection, and the best solution should offer this protection at no extra cost. Also, non-open source resolvers (unlike BIND) are less prone to malware, viruses and attacks.

     

    Mitigating on-premise DDoS

    On-premise DDoS mitigation should be focused around a well-documented incident response plan. For this, organisations need to take precautionary steps such as making themselves as unappealing to attackers as possible. By raising the costs of an attack and reducing the ROI for criminals, organisations with strong encryption, distributed data sources and compartmentalisation of customer data can protect themselves. Online brands should implement countermeasures with purpose-built DDoS protection, combining on-premise hardware and cloud-based traffic scrubbing.

    It’s also important to ensure that there are measures and systems in place to detect a breach as early as possible when it occurs, and to follow a response plan for attacks that has been developed in advance. This includes everything from preparing public statements for customers and employees to regulatory and press notifications.

     

    Backing up website messages and systems is also an important duty to be dealt with in advance, as is arranging alternative payment methods to mitigate a breach. Finally, the response plan needs to be rehearsed. The sooner breaches are recognised and the faster the response process is launched, the less damage is likely to result. The standard of care for dealing with cyber-attacks is to implement ‘hybrid’ DDoS protection, involving both on-premise DDoS mitigation appliances and services from DDoS protection providers who can help mitigate larger attacks.

     

    With the adoption of these protection measures, improvements won’t happen overnight, but they could make a significant positive difference in the long term. The online community should develop and incorporate standard-of-care mechanisms to raise the cost of an attack, as a deterrent for opportunistic attackers.

     

    Brian Foster is the senior vice president of Product Information Services, managing the complete lifecycle of Neustar’s Information Services products. In this role, Foster drives the overall roadmap for Neustar’s products and ensures all services continue to exceed the needs of customers.

     
