Friday, May 3, 2013

Addressing DDoS in Risk Assessments

The Importance of Analyzing Cyberthreat Intelligence

By , May 3, 2013. Follow Eric @GovInfoSecurity
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says. Besides getting away from the mentality of a perimeter defense, Labarre says risk assessors should avoid "a myopic focus on just looking at vulnerabilities. Be smart about what you're doing. Focus on the intelligence out there that tells you where you could be attacked. Look at the attack surface itself and figure out how to protect that."

An attack surface is the code within a computer system that could be run by unauthorized users.

The focus on DDoS risk assessments comes at a time when U.S. banks have been under repeated DDoS assaults. Since last September, the FBI counts more than 200 separate DDoS attacks on at least 46 financial institutions [see FBI: DDoS Botnet Has Been Modified]. And Anonymous threatens to strike at U.S. federal government and bank websites on May 7 in what the hacktivist group calls OperationUSA [see OpUSA Threatens Banks, Government]. In an interview with Information Security Media Group, Labarre:
  • Outlines steps organizations should take to assess their vulnerability to DDoS attacks;
  • Explains how nation-states pose different threats than do criminal gangs and hacktivists to enterprises; and
  • Discusses the importance of gathering intelligence in defending against DDoS attacks.
Labarre has been with the consulting firm Booz Allen since 1998. As a principal and director, a post he has held since October 2011, Labarre is a commercial practice leader for Booz Allen's cross-market strategic cybersecurity assessments and program development offering.
Follow Eric Chabrow on Twitter: @GovInfoSecurity

No comments:

Post a Comment