Enterprises, post-pandemic have slowly started moving from their legacy infrastructure to predominantly cloud platforms. From small...

 

Transcribed Image Text:

Enterprises, post-pandemic have slowly started moving from their legacy infrastructure to predominantly cloud platforms. From small to large enterprises the movement towards the cloud has occurred considering various components such as remote and hybrid work structure, efficient and robust security mechanisms, cost-effectiveness, etc. But with digital transformation via cloud adoption comes the risk of an increased number of sophisticated attack techniques by threat actors. According to a prediction by Gartner, more than 95% of workloads will be digital by 2025 and this brings the challenge of facing cyber-attacks against the cloud environment. "DDoS has been one of the most used cyber-attack tactics against cloud where the number of attacks grew by 27% from2020 to 2021. To mitigate this, Radware's Cloud DDoS Protection Service has been used by enterprises, where on an average 1,591 attacks per day were mitigated. It cannot be denied that, with the transformation being seen in technology, the vulnerability aspects too proportionally increase. Post-pandemic when the digital transformation got fast- paced, the vacuum left during the transition only allowed the cyber-attacks to turn sophisticated. With an increasing number of organizations moving towards a virtual setup, cloud environment has become the new target of the threat actors," said DR Goyal, Vice President at RAH Infotech. This raises an important question - how do SMEs protect their cloud environment against an array of malicious and advanced tactics via 'cloud-scale attacks'? To protect against the sophisticated DDoS attacks of today, the security measure used too needs to be of at least the same level of sophistication. Hence there are a number of criteria enterprises need to consider before choosing their cloud DDoS protection products. Network capacity is the benchmark for considering a mitigation service as there is a need to consider the overall scalability available during the attacks. Once the attacks are identified the processing capacity of the product is important. Latency is a critical component since website traffic needs to be maintained else high latency can adversely affect the working of the organization. Mitigation time and components, asset and IP protection, and the cost are a few more factors SMEs need when choosing the cloud DDoS protection product for their organization. "Ransom DDoS attacks have become a persistent part of the threat landscape. The recent uptick in DDoS activity should be a strong reminder to enterprises, ISPs and CSPs of any size and industry to assess the protection of their essential services and internet connections and plan against globally distributed DDoS attacks aimed at saturating links," said Navneet Daga, Sales Director of Cloud Security Services - APJ, Radware. "With Our leading DDoS mitigation technology & state of the Art scrubbing network we offer customers leading SLA's to have minimum disruption to users & business and mitigate reputational damage to the Brand." The below aspects have made Radware's cloud DDoS protection service distinctive from other cloud protection products. Automated, behavioural based, zero-day protection; automatic signature creation; smart SSL attack mitigation and widest coverage with multi-layered protection The service is backed by 16 globally connected, full mesh mode scrubbing centers, one of them located in India, using analytics-based routing with 10Tbps and growing mitigation capacity • Multiple deployment options, expert emergency response, comprehensive protection and industry-leading SLAs to attract the enterprises • Cloud-only simple deployment makes integration and installation easy One cannot expect to make a tectonic shift in technology and yet be immune to the external influences such as cyber security threats faced. Instead, the focus should be laid more on how to protect itself from threat actors and incur minimum damage as only the right technology would help in continuing to fight the threats successfully. Except of article taken from: https://www.crn.in/news/cloud-environments-under-attack- by-threat-actors-using-new-techniques-radware-threat-report/ PART A (50 marks) Answer Question 1 based on the article above: Question 1 (50 marks) Identify and explain with examples TEN (10) downsides of cloud technology when it involves cyber security threats. Enterprises, post-pandemic have slowly started moving from their legacy infrastructure to predominantly cloud platforms. From small to large enterprises the movement towards the cloud has occurred considering various components such as remote and hybrid work structure, efficient and robust security mechanisms, cost-effectiveness, etc. But with digital transformation via cloud adoption comes the risk of an increased number of sophisticated attack techniques by threat actors. According to a prediction by Gartner, more than 95% of workloads will be digital by 2025 and this brings the challenge of facing cyber-attacks against the cloud environment. "DDoS has been one of the most used cyber-attack tactics against cloud where the number of attacks grew by 27% from2020 to 2021. To mitigate this, Radware's Cloud DDoS Protection Service has been used by enterprises, where on an average 1,591 attacks per day were mitigated. It cannot be denied that, with the transformation being seen in technology, the vulnerability aspects too proportionally increase. Post-pandemic when the digital transformation got fast- paced, the vacuum left during the transition only allowed the cyber-attacks to turn sophisticated. With an increasing number of organizations moving towards a virtual setup, cloud environment has become the new target of the threat actors," said DR Goyal, Vice President at RAH Infotech. This raises an important question - how do SMEs protect their cloud environment against an array of malicious and advanced tactics via 'cloud-scale attacks'? To protect against the sophisticated DDoS attacks of today, the security measure used too needs to be of at least the same level of sophistication. Hence there are a number of criteria enterprises need to consider before choosing their cloud DDoS protection products. Network capacity is the benchmark for considering a mitigation service as there is a need to consider the overall scalability available during the attacks. Once the attacks are identified the processing capacity of the product is important. Latency is a critical component since website traffic needs to be maintained else high latency can adversely affect the working of the organization. Mitigation time and components, asset and IP protection, and the cost are a few more factors SMEs need when choosing the cloud DDoS protection product for their organization. "Ransom DDoS attacks have become a persistent part of the threat landscape. The recent uptick in DDoS activity should be a strong reminder to enterprises, ISPs and CSPs of any size and industry to assess the protection of their essential services and internet connections and plan against globally distributed DDoS attacks aimed at saturating links," said Navneet Daga, Sales Director of Cloud Security Services - APJ, Radware. "With Our leading DDoS mitigation technology & state of the Art scrubbing network we offer customers leading SLA's to have minimum disruption to users & business and mitigate reputational damage to the Brand." The below aspects have made Radware's cloud DDoS protection service distinctive from other cloud protection products. Automated, behavioural based, zero-day protection; automatic signature creation; smart SSL attack mitigation and widest coverage with multi-layered protection The service is backed by 16 globally connected, full mesh mode scrubbing centers, one of them located in India, using analytics-based routing with 10Tbps and growing mitigation capacity • Multiple deployment options, expert emergency response, comprehensive protection and industry-leading SLAs to attract the enterprises • Cloud-only simple deployment makes integration and installation easy One cannot expect to make a tectonic shift in technology and yet be immune to the external influences such as cyber security threats faced. Instead, the focus should be laid more on how to protect itself from threat actors and incur minimum damage as only the right technology would help in continuing to fight the threats successfully. Except of article taken from: https://www.crn.in/news/cloud-environments-under-attack- by-threat-actors-using-new-techniques-radware-threat-report/ PART A (50 marks) Answer Question 1 based on the article above: Question 1 (50 marks) Identify and explain with examples TEN (10) downsides of cloud technology when it involves cyber security threats.

Answer rating: 100% (QA)

1 Vulnerability It is undeniable that as technology changes so do the vulnerability factors which ri... View the full answer