Neustar, Inc., a global information services and technology company and a leader in identity resolution, has released a new report from the Neustar International Security Council (NISC) investigating how organisations are managing their web application firewalls (WAF) to keep up with ever-growing, increasingly stealthy application-layer attacks.
An organisation’s WAF is a critical line of defence in protecting proprietary and customer data, but the concern is that some organisations are spending an outsized allotment of resources on modifying these mission-critical elements. The latest NISC survey showed that nearly 85% of organisations feel they are spending at least a moderate amount of time on modifications, with almost 40% noting they spend a lot of time.
Moreover, a majority of organisations have siloed their data centre services away from cloud services — nearly four in five surveyed — which could have the unintended consequence of increasing labour-intensive protection processes. According to survey findings, half of organisations are communicating with their WAF vendors’ security operations centres (SOC) on at least a monthly basis to manage security threats, while another third are communicating bi-monthly.
DDoS attacks continue to be the top concern among organisations, with 22% citing such attacks as the highest potential threat. Further, organisations are well acquainted with the repercussions of DDoS, with 75% reporting they have been on the receiving end of such an attack.
“Organisations may have a highly tuned, up-to-date WAF on premises, but the sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems,” said Rodney Joffe, Chairman of NISC, SVP and Fellow, Neustar. “Steps can be taken to maintain the integrity of security systems, and potentially enhance performance, by augmenting efforts with third-party, always-on security resources.”
According to Joffe, such solutions can help mitigate bot-based volumetric attacks as well as other common threats that can target an application layer. Further, Joffe notes, “Some of the most robust cloud-based solutions can provide consistent coverage wherever an application is hosted, whether it’s a data centre or the cloud. The right SOC support provides assurance that emerging threats are being neutralised, enabling organisations to focus their efforts on honing their WAF for optimal performance.”
Findings from the latest NISC research highlighted a 12.8-point year-on-year increase in the International Cyber Benchmarks Index. Calculated based on the changing level of threats and impact of cyberattacks, the index has maintained an upward trend since May 2017.
During November and December 2020, in addition to DDoS as the greatest concern for security professionals, system compromise (20%) and ransomware (18%) ranked among the highest perceived threats. During this period, organisations have focused most on increasing their ability to respond to targeted hacking (54%) and vendor or customer impersonation (54%), followed by an equal focus (51% across the board) on DDoS, supply chain compromise (cyber) and ransomware.