Though an experienced marketer, I am new to the Pondurance team. I’m also new to the information security industry. What does that mean? I have a lot to learn.
There are a million acronyms to memorize: DNS, DDoS, CISSP, PCI DSS, SIEM—the list is endless. There are new names and faces to connect. Events to attend. Reading and listening to process. But if I’ve learned anything in my career so far, it’s that the best way to learn is to teach, so indulge me this opportunity to provide a bit of info on the importance of information security in the context of business continuity.
October was National Cyber Security Awareness Month, and even though this year’s official observance ended October 31, now is the perfect time to review your organization’s security plan and practices to be sure you’re minimizing the cyber-attack risk to your firm.
The implications of security gaps on business performance came into sharp focus with the recent distributed denial-of-service (DDoS—one of those important acronyms) attack on Dyn’s managed DNS infrastructure service. For nearly an entire business day, many of Dyn’s customers (e.g., Twitter, Airbnb, New York Times) were unable to access Dyn’s service, and those customers’ users could not access the affected websites.
Dyn hosts a huge number of authoritative name records, which makes the service an attractive target for an attack because distinguishing legitimate and malicious requests is extremely difficult at high volume. In this case, the attackers made a big impact in a short time, as mitigation required coordination with multiple service providers.
While Dyn’s customers look to diversify their DNS infrastructures across the cloud to minimize negative impacts on future revenue and operations, time will tell if Dyn gets hit with any legal action for its involvement (albeit unwitting) in the DDoS attack.
There’s no fail-safe for information and cyber security. No magic formula or silver bullet to prevent attacks. The security industry’s “good guy” professionals are racing to keep up with the number, scope and evolution of threats on a daily basis. What organizations can do, however, is implement carefully planned security procedures to reduce risk and defend against the compromise of network and information integrity.
By taking advantage of security monitoring services, using properly deployed endpoint protection (the next generation antivirus and antimalware solutions), and consulting professional security experts to assess regulatory compliance and recommend best practices, organizations can put themselves in the best position to protect their valuable data and maintain consistent operations.
As this newcomer can attest, there’s a lot to know about security. It takes a team to truly analyze and understand vulnerabilities and to institute adequate defenses. No organization is immune, so the best approach is to be proactive. Don’t wait for the next Cyber Security Awareness Month to roll around. Start improving your organization’s security program now.
Want to know how Pondurance can help your organization create and manage a strong security posture? Contact us today.
About the author: Ashly Myers is the marketing and communications manager for Pondurance. A veteran marketer with experience in the sports, home services, and tech industries, Ashly most recently served as content director for an Indianapolis-based branding agency. She’s a Notre Dame graduate and current IU Kelley MBA student. Outside of work and school, she makes time for family, food, and football.