​The next big security consideration for companies relying on the internet

Author: Martin Ryan, Vice President, Managing Director, Dyn Asia Pacific

A security breach to your website or internal server will cost your business its current and future customers, and a well-publicised breach will cost you customers who’ve never even heard of your brand.

While security efforts have been focused traditionally on the network or data centre perimeter with infrastructure such as firewalls and intrusion prevention systems (IPSs), more recent styles of cyberattacks have pushed smart businesses to recognise the need to bolster security inside the firewall. With so much of our business success today relying on our online capabilities and infrastructure – including external website assets, internal communications platforms and tools, logistics and supply chain and more – it’s critical we treat “online” as one of our most highly prized business assets and establish security around it accordingly. As a result, we’ve seen the rise of technology such as advanced endpoint protection and innovative new techniques such as micro-segmentation. But this still leaves a vulnerability gap many businesses remain unaware of.

To date, very little focus has been placed on extending security beyond the firewall. Attacks that use techniques such as DNS hijacking or Border Gateway Protocol (BGP) hijacking are on the rise – and they’re just as effective at destroying a customer’s confidence and a business’s brand reputation as a direct attack against its web servers. These types of attacks can lead to unreliable delivery of content, loss or breach of highly confidential company and customer data, increased latency, performance degradation or even complete failure. Therefore, it is becoming imperative for companies to mitigate risk and increase insight and control over assets, but some are unsure how.

As a starting point, it’s critical to have a successful continuity plan in place to ensure everyone in your team is ready when the time comes. Being proactive and preparing for these unavoidable attacks will maximise the chances of maintaining continuity.

It’s also important to make smart internet infrastructure investments when it comes to using cloud, data centres and CDNs, including tools that help you to control and monitor them accurately and effectively. Properly monitoring and controlling your internet infrastructure allows you to understand performance, reachability and availability of your company’s internet assets at all times across the world. This gives you the ability to react quickly if an attack occurs.

Looking more specifically, protecting yourself against DNS-based DDoS attacks for example, requires up-front planning, expertise in the DNS network, DNS and DDoS, and 24x7 network monitoring to detect and mitigate attacks as soon as possible. For BGP hijacking, a company will need to use BGP monitoring services to ensure the traffic reaches the expected endpoints rather than being routed through an intermediate location where the data could be stored and manipulated. It’s this level of monitoring and control, hand-in-hand with your continuity plan that will mean the difference between a blip on the radar and a major internet outage that costs your business significantly.

Companies relying on the internet to do business —whether it be for external customer purposes, internal communication or day-to-day logistics – simply can’t afford to have any downtime as they run the risk of loss of income, brand damage, loss of customer confidence and personnel cost, so it is important to take the right steps for managing online network security and maintaining a comprehensive continuity strategy.

Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list.

Get newsletters, updates, events and more right here.