|By Business Wire||
|January 28, 2014 12:00 AM EST||
Arbor Networks, Inc. today released its 9th Annual Worldwide Infrastructure Security Report (WISR) offering a rare view into the most critical security challenges facing today’s network operators. Based on survey data provided by service provider, enterprise, cloud, hosting and other network operators from around the world, this annual report provides a real-world view of the security threats that organizations face and the strategies they adopt to address them.
Arbor’s long-standing customer relationships and reputation as a trusted advisor and solution provider make this report possible each year. Click here (registration required) to access the Arbor Networks 9th Annual Worldwide Infrastructure Security Report.
“From the ISP to the enterprise, IT and security teams are facing a dynamic threat landscape and very skilled and patient adversaries. Our ninth annual report showcases that very clearly,” said Matthew Moynahan, president of Arbor Networks. “There is no single, magic bullet solution and it is a mistake to think technology alone can secure a network. Multi-layered defenses are clearly needed, but so is a commitment to best practices for people and process.”
Internal Network and Advanced Persistent Threats
- Respondents ranked botted hosts as their number one concern
- The proportion of respondents seeing APTs on their networks has increased from 22 percent to 30 percent year over year
- 57 percent of survey respondents do not have a solution deployed to identify employee-owned devices accessing the corporate network
DDoS attacks against mobile networks more than doubled
- Nearly a quarter of those respondents offering mobile services indicated that they have seen DDoS attacks impacting their mobile Internet (Gi) infrastructure. This represents more than double the proportion seen last year.
- More than 20 percent offering mobile services indicated that they have suffered a customer-visible outage due to a security incident, down slightly from about one-third last year.
Application-layer attacks have become ubiquitous
- Application-layer attacks are now common with almost all respondents indicating they have seen them during this survey period.
- Continued strong growth in application-layer attacks targeting encrypted Web services (HTTPS) - up 17 percent over last year.
Dramatic Rise in DDoS Attack Size
- In all previous years of the survey, the largest reported attack was 100 Gbps. This year, attacks peaked at 309 Gbps and multiple respondents reported attacks larger than 100 Gbps.
Data centers are a magnet for DDoS attacks
- More than 70 percent operating data centers reported DDoS attacks this year, up dramatically from under a half last year.
- More than a third experienced attacks that exceeded total available Internet connectivity, nearly double last year.
- About 10 percent saw more than 100 attacks per month.
DNS infrastructure remains vulnerable
- Just over one-third experienced customer-impacting DDoS attacks on DNS infrastructure—an increase from a quarter last year.
- More than a quarter indicated that there is no security group within their organizations with formal responsibility for DNS security, up from 19 percent last year. This increase is surprising given the number of high-profile DNS reflection/amplification attacks that were seen during the survey period.
Survey Scope & Demographics
- 220 responses, up from 130 last year, from a mix of Tier 1 and Tier 2/3 service providers, hosting, mobile, enterprise and other types of network operators from around the world.
- More than 68 percent of respondents this year are service providers, giving us a global view into the traffic and threats targeting their networks, services and customers.
- Data covers November, 2012 through October, 2013
- Download the full report here (registration required)
- Attend this webinar for a deeper dive on the WISR key findings
- Visit the Arbor Networks blog for a summary of key findings
- Download WISR infographics on the Arbor Networks Pinterest page
- Visit the Arbor Networks SlideShare page to download the WISR presentation
- Follow @arbornetworks and the #WISR14 hashtag on Twitter for more key findings
About Arbor Networks
Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.
To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS® global threat intelligence system, can be found at the ATLAS Threat Portal.
Trademark Notice: Arbor Networks, Peakflow, ArbOS, ATLAS, Pravail, Arbor Cloud, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
Aug. 4, 2015 06:45 PM EDT Reads: 242
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Aug. 4, 2015 06:45 PM EDT Reads: 220
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
Aug. 4, 2015 05:30 PM EDT Reads: 101
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
Aug. 4, 2015 05:00 PM EDT Reads: 112
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Aug. 4, 2015 03:00 PM EDT Reads: 576
Scrum Alliance has announced the release of its 2015 State of Scrum Report. Almost 5,000 individuals and companies worldwide participated in this year's survey. Most organizations in the market today are still leading and managing under an Industrial Age model. Not only is the speed of change growing exponentially, Agile and Scrum frameworks are showing companies how to draw on the full talents and capabilities of those doing the work in order to continue innovating for success.
Aug. 4, 2015 02:45 PM EDT
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Aug. 4, 2015 02:00 PM EDT Reads: 395
Between the compelling mockups and specs produced by your analysts and designers, and the resulting application built by your developers, there is a gulf where projects fail, costs spiral out of control, and applications fall short of requirements. In his session at @DevOpsSummit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, presented a new approach where business and development users collaborate – each using tools appropriate to their goals and expertise – to build mocku...
Aug. 4, 2015 01:30 PM EDT Reads: 105
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
Aug. 4, 2015 01:00 PM EDT Reads: 297
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
Aug. 4, 2015 12:00 PM EDT Reads: 117
Graylog, Inc., has added the capability to collect, centralize and analyze application container logs from within Docker. The Graylog logging driver for Docker addresses the challenges of extracting intelligence from within Docker containers, where most workloads are dynamic and log data is not persisted or stored. Using Graylog, DevOps and IT Ops teams can pinpoint the root cause of problems to deliver new applications faster and minimize downtime.
Aug. 4, 2015 11:45 AM EDT
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, provided some practical insights on what, how and why when implementing "software-defined" in the datacent...
Aug. 4, 2015 11:30 AM EDT Reads: 125
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Aug. 4, 2015 09:30 AM EDT Reads: 123
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
Aug. 4, 2015 08:45 AM EDT Reads: 265
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Aug. 4, 2015 07:00 AM EDT Reads: 229