One of the greatest threats to Internet service is Distributed Denial of Service (DDoS) attacks which can paralyze ISPs and disrupt traffic to and from targeted websites. For years now, DDoS attacks have dropped down the IT security priority list as topics such as IP theft took center stage.
Recently however, DDoS attacks targeting organizations of all types have sharply increased. Afflicted organizations had daily operations disrupted and servers compromised, with attacks increasing in sophistication and damage impact. The next waves of attacks will likely be even more complex and damaging.
The DDoS revival reminds us that as threats continue to evolve, organizations must strengthen their security infrastructure and management practices to improve the timeliness and effectiveness of incident response.
The following excerpts are from an interview with Bernie Trudel, Asia Pacific Regional Data Center and Cloud CTO, Cisco Systems, Inc.
As someone whose world is dominated by cloud, data center, privacy, and compliance, it was exciting to meet a long-term expert with the same-shared interests. Bernie Trudel has been with Cisco for 17 years, and in addition to his role as Regional CTO, he is Chairman of the Asian Cloud Computing Association, an industry organization dedicated to making cloud computing a reality across Asia Pacific (APAC) by addressing the needs for common platforms. He shared his ideas with me on key regional trends, security to accelerate cloud adoption, and the future of the data center.
What are the key regional trends?
Increasingly APAC countries are adopting a national broadband policy driven by a combination of the adoption of cloud and the ubiquity of personal computing. There is a strong focus on data sovereignty and privacy in response to emerging data privacy legislative measures in Singapore, Malaysia and the Philippines and also greater awareness around consumer’s rights to protect private data. International connectivity is also emerging as an issue as smaller countries rely on networks that cross geographic borders.
Many of these trends are measured in the Cloud Readiness Index, which uses 10 parameters that focus on risk, power, sustainability, and other metrics to assess readiness across the region.
Data Centers are going through a rapid evolution due to industry trends of virtualization, cloud computing and bring your own device (BYOD) initiatives, putting an even greater strain on IT resources to secure the data, applications and access critical to the success of the business. Today’s data center must be secure and resilient to keep the enterprise running at maximum productivity; protecting its profitability and reputation.
The modern enterprise runs a wide array of commercial and customized applications, and the data within those applications is exactly what attackers are targeting. Those critical applications and servers within the data center continue to be the subject of targeted attacks and sophisticated malware. The 2012 Verizon Data Breach Report highlights that attacks against servers accounted for 94% of all data compromised last year. Strong security controls and visibility measures must be implemented to protect the integrity of the enterprise data center.
The Cisco Security Intelligence Operations (SIO) Portal has matured over the past several years, and I’d like to highlight this change from the portal’s development to its evolving stages. I’ll also share the latest features on the portal and invite you tell us what you think about the portal through your choice of a survey or feedback function.
The SIO portal is Cisco’s primary outlet for security intelligence and the public home to our threat and vulnerability content. You can check out the portal here http://www.cisco.com/security.
We often hear about a dramatic class of vulnerabilities referred to as “zero-days” or “0 days,” “0-days,” or “0days” which can be pronounced as “zero days” or “oh days.” I have seen a number of email threads and blog posts lately that seem to refer to vulnerabilities in this class in varying and vastly different ways. This caused me to ask myself: what exactly is a zero-day vulnerability?
Emotion around zero-days can be high. This is predominantly because vulnerabilities with this label are perceived to be of greater impact and urgency. That is often correct and fair. However, there is at least one other reason for heightened energy around these issues: many teams and organizations have special service level agreements or informal expectations levied upon them in “outbreak” or “zero-day” scenarios. Imprecise use of the zero-day label can mix with these expectations to needlessly increase the urgency—and corresponding organizational disruption—of a vulnerability in these situations.
So what are the critical characteristics that set apart a zero-day from another, seemingly important and urgent vulnerability? In my opinion there are three characteristics that have garnered these vulnerabilities the urgency they hold; and if any one of these is not present the vulnerability it is not a zero-day.