Security

Implementing an effective cyber security strategy in data centres

A robust, scalable and efficient cyber security solution is of critical importance to Colt Data Centre Services (Colt DCS). When looking for a partner to bolster its threat detection and response capabilities, Colt DCS turned to Armor to provide a uniform cyber security platform across all its multinational sites, implementing Armor’s XDR + SOC solution, as well as its VAPT programme to continually identify potential flaws. Background Operating 16 data centres in seven cities across Europe and Asia Pacific, Colt DCS has been designing, building and operating hyperscale and large enterprise data centres for more than 25 years. Like all hyperscale data centre solution providers, Colt DCS’ business model is dependent on customer confidence and being able to convince potential customers that their confidential data, and the data of their own customers, is in the safest of hands. The vast amounts of sensitive and valuable information stored, processed and transmitted by Colt DCS for some of the world’s largest organisations make it a potentially attractive target for cyber attacks. Therefore, effecting a robust and highly assured cyber security platform is essential to its operations and ongoing success. Challenge As part of its commitment to delivering a sustainable hyperscale future for its clients, Colt DCS undertook a thorough evaluation of its cyber security posture. The business found itself reliant on a multitude of disparate solutions, making threat monitoring and response less efficient. This fragmentation also meant that its IT teams did not have a single view of the threat landscape and associated vulnerabilities, instead having to sift through data from various vendors, which reduced response efficiency. Guy Gibson, IT Infrastructure Manager at Colt DCS, says, “What we realised is that we were often ‘reactive’ to threats. We had access to a huge amount of data, but no single view. It felt disjointed and that our current approach lacked structure and control.” Greater vulnerability assessment and penetration testing (VAPT) was also an area it identified for improvement, requiring continuous monitoring and testing of the environment in order to expose potential faults and security weaknesses. Guy Gibson explains, “At the heart of what we were trying to achieve was more efficient threat detection and response, seeking a single source of truth solution that would provide us with greater global threat intelligence, control, testing and guidance, whilst also facilitating large scale growth when required. “We needed to work with someone who really understood the threat detection landscape and who could provide a solution that offered zero downtime to facilitate business continuity. The solution would also have to be compliant to data storage regulations across every country we are located in, and crucially, allow us to retain ownership and control of all data. In essence we needed security delivered in an unobtrusive way.” The cyber security team at Colt DCS was also looking for the reassurance of 24/7, 365 days a year platform security, as well as a trusted supplier and subject matter expert who could provide guidance, training and knowledge to its teams, helping them to grow. “We wanted to learn and improve, so trust, communication and seamless integration between the new provider and our Incident Management Team (IMT) was also a must,” Guy continues, “focusing on detecting and resolving Priority 2 (P2) incidents or higher with a well-defined process for incident resolution.” The solution With all challenges and concerns identified, Colt DCS initiated a search for a cyber security partner who could provide an effective solution across its multinational sites. Armor immediately impressed with its delivery capabilities, technical expertise and the comprehensive solution it proposed to simplify the detection and remediation of cyber security-based threats. Guy explains, “We were highly impressed with the solution proposed by Armor. Other vendors/platforms were considered, but Armor came out top in terms of the technical solution, delivery and the flexible capabilities it offered.” Armor project managed the implementation of Microsoft Sentinel, Azure’s cloud-native security information and event management (SIEM) system, as part of its Extended Threat Detection and Response (XDR) function to correlate logs and telemetry data from all sources, providing a complete view for threat identification. A 24/7 Security Operation Centre (SOC) added an additional layer of cyber security expertise to Colt DCS’ defence, enabling swift threat response and guiding remediation efforts effectively.  As part of the XDR+SOC deployment, Armor configured each of the following custom and native log sources: Azure AD: Provides insights into audit and sign-in logs Azure Activity: Provides an overview of subscription level events Azure WAF: Provides Web Application Firewall logs Azure Firewall: Provides network security and application rule logs Azure SQL Database: Provides audit and diagnostic logs Azure Storage Account: Provides audited and diagnostic logs Microsoft 365 Defender: Monitors and logs logons, file, process and registry events Microsoft Defender for Endpoint: Provides security alerts on network endpoints such as laptops, tablets, routers etc. Additionally included in the solution were Armor’s advanced: Analytics Rule Library – including correlation alerting and threat-hunting rules Security dashboards and widgets Configuration of Open Source and Commercial Threat Intelligence Feeds An ongoing VAPT programme was also deployed to identify any potential security flaws and enhance its DPS’ overall security position. As a second stage to this project, Colt DCS is now ingesting a new telemetry as part of its XDR solution – Microsoft’s Defender for IOT.  This will enhance its security further by protecting and monitoring internet-connected devices and endpoints within the data centre infrastructure to prevent cyber threats and vulnerabilities. Guy explains, “The implementation of the solutions was well-managed and required minimal input from our internal teams. Not only was it straightforward, but the benefits were felt almost instantly. The solution from Armor has allowed us to have a better oversight of our global operations and assess the cyber landscape more efficiently. “I haven’t received a single complaint from my team. Everyone sees Armor as a force for good. Armor’s solution has allowed us to shift our mindset internally, we are more proactive and focused. We can spend more time on access control rather than trying to process and understand vast quantities of data, which had become the norm. “There have been numerous threats and vulnerabilities picked up since the implementation of Armor’s system. Issues that I think could have posed a real risk had our teams not been able to detect and remediate them. One example was the detection of a compromised email account which had the potential to be used for malicious means if not resolved swiftly. With this new solution we were able to be informed accordingly and take immediate remediation steps.” Shortly after the implementation of the Armor solution, Colt DCS expanded capacity across ten of its sites. Guy adds, “Having implemented the XDR solution ahead of this expansion undeniably meant that this process was much swifter. It was far less concerning to all involved than it would’ve been using our previous approach. “Overall, the entire solution has helped us to achieve every single objective we set out to achieve on this journey, making the assessment of the cyber landscape a lot simpler for our team, threat detection and response quicker and more efficient, whilst continually facilitating our expansion.” The wins Unified cyber security provision Greater threat visibility Minimised false positives and reduced alert fatigue Simplified and faster incident response Reduction in people hours to detect and manage threats Elimination of threats before they cause damage Improved global oversight across Colt DCS’ locations Implemented with zero downtime and full business continuity experienced Enhanced access control Compliant with data storage regulations across every location Retained ownership and control of all data Accessible guidance, training and knowledge support

Research reveals that 95% of security leaders are calling for AI cyber regulations

Research from RiverSafe has revealed that 95% of businesses are urgently advocating for AI cyber regulations, ahead of November’s AI Safety Summit. The report, titled 'AI Unleashed: Navigating Cyber Risks Report', conducted by Censuswide, revealed the attitudes of 250 cyber security leaders towards the impact of AI on cyber security. Three in four businesses (76% of surveyed businesses) revealed that the implementation of AI within their operations has been halted due to the substantial cyber risks associated with this technology. Security concerns have also prompted 22% of organisations to prohibit their staff from using AI chatbots, highlighting the deep-rooted apprehension regarding AI's potential vulnerabilities. To manage risks, two-thirds (64%) of respondents have increased their cyber budgets this year, demonstrating a commitment to bolstering their cyber security defences. Suid Adeyanju, CEO at RiverSafe, says, "While AI has many benefits for businesses, it is clear that cyber security leaders are facing the brunt of the risks. AI-enabled attacks can increase the complexity of security breaches, exposing organisations to data incidents, and we still have not explored the full extent of the risks that AI can pose. Rushing into AI adoption without first prioritising security is a perilous path, so striking a delicate balance between technological advancement and robust cyber security is paramount." Two thirds of businesses (63%) expect a rise in data loss incidents, while one in five (18%) respondents admitted that their businesses had suffered a serious cyber breach this year, emphasising the urgency of robust cyber security measures. A link to the full report can be found here.

Gunnebo enters discussion on layering physical security for data centres

Gunnebo Entrance Control has launched a new white paper to open the discussion on creating a layered physical security approach to protect data centres from increased security threats. The downloadable discussion paper, entitled, 'Protecting Data Centres by Layering Security', highlights the immediate challenges faced by data centres and the solutions available that could be seen as ‘enablers of change'. Gunnebo presents the essential need for a proactive approach to security, right from the initial design phase of any data centre, identifying the need for continuous maintenance and monitoring to ensure evolving security risks are prevented. Tina Hughan, Gunnebo Entrance Control’s Global Marketing and Sustainability Director and author of the white paper, says, “In today's digital world, data centres are not just the heartbeats of our interconnected society, they are the custodians of our most precious digital assets. They ensure information flows seamlessly and securely, powering innovation, and safeguarding our connected future. "With such a responsibility, the need for uptime operations is crucial, as is the need to secure the facility from every potential threat, including the potential for hackers to physically access a site. In this white paper, we highlight how every area of a data centre should be analysed, with details of how a full risk assessment can support a layered and scalable approach to security, to guarantee the ongoing safety of any data stored.” The white paper draws on the increasing role of data impacting everyday life and the significant ramifications of any breach, citing several high-profile cases that have led to the loss of confidence and significant financial fallout. With case examples of how to progress through risk assessment together with advice from leading security authority bodies on conducting risk management strategy, the white paper looks at the successful implementation of a physical layered approach to security. It also includes the need for consideration of security early and on an ongoing maintenance and monitoring basis to combat evolving security risks. Tina concludes, “In a world where data centres increasingly serve as the core component of our interconnected world, proactively safeguarding these critical facilities has never been more paramount. Not responding to the heightened risks and vulnerabilities of sites across the globe has proven to have devastating effects. “In this white paper, we take a holistic approach to the use of security technology to explore the different data centre applications, with real-life case studies to identify success. We acknowledge this is just the start of a very complex conversation and would love to see it as an opportunity to open a debate and explore the opportunities further.” The white paper is now available to download here.

Immuta's new product enhances data security and compliance

Immuta has announced the release of Immuta Discover, a new product for automated tagging and classification on cloud data platforms. Immuta Discover enables data teams to establish and maintain highly accurate metadata for the primary purpose of data access control, monitoring and regulatory compliance.   Immuta Discover automatically and continuously discovers structured data in cloud data platforms. It can also leverage existing metadata pulled from enterprise data catalogues like Alation. Leveraging all of this metadata, it provides visibility of all sensitive data, which is critical for building data policies to protect the data and analysing its usage. As a core pillar of its Data Security Platform, it eliminates manual, error-prone processes and helps organisations improve data security, gain full visibility into their data and unlock its value.  Discovering, tagging and classifying sensitive data with accurate and descriptive metadata is a critical component of a successful data security strategy. However, today’s organisations are burdened with increasingly dispersed data, as the number of data sources and users continues to grow. Existing solutions are not designed to tag and classify data across all of these sources with the accuracy and granularity required for security and governance. The lack of accurate metadata creates security gaps and blind spots, making it difficult to meet stringent compliance regulations.  Immuta Discover allows data teams to easily and accurately scan, classify and tag data so they can apply data control policies and monitor data access. This allows teams to gain full visibility and context into all of their data assets, and better protect and monitor their sensitive data for enhanced data security posture management. Immuta offers 60+ pre-built and domain-specific classifiers, providing organisations with the flexibility to tailor data classifications to their unique business needs and based on their desired confidence levels.  With Immuta Discover, customers can automatically identify and classify sensitive data by leveraging the following new capabilities:   Accurate and actionable metadata for data security: It provides accurate, granular metadata and actionable tags on sensitive data so users can seamlessly secure data across cloud platforms at scale. The product enables full metadata visibility into what data requires access controls and auditing. The metadata can be leveraged directly in Immuta Secure to govern the data and in Immuta Detect to monitor data access.    Agentless, multi-cloud data discovery: It scans and classifies data natively, with no software to install and no agent running next to the cloud data platform. The data never leaves the data platform. This approach simplifies operations and is secure and compliant, enabling data teams to be more efficient with an always up-to-date data inventory.  Out-of-the-box and customisable regulatory frameworks: It automatically categorises data that is subject to leading regulatory frameworks such as CCPA, GDPR, HIPAA, or PCI to implement compliant access control policies. These frameworks are created and maintained by Immuta’s in-house Legal Engineering team, and additionally enable customers to customise frameworks based on their interpretations of specific regulations for accelerated compliance.  

FDM Group and ISACA to boost cyber training programme

FDM Group has announced a partnership with ISACA, a global professional association, to boost its cyber training credentials. ISACA has over 170,000 members and is recognised for its expertise in information security, governance, assurance, risk, privacy and quality. Under the new agreement, FDM employees will benefit from its cyber training, with access to ISACA-approved resources, including online learning tools. The deal will allow FDM to enhance its in-house cyber security credentials, offering the latest technical expertise to its clients. The company has plans to ramp up its cyber security training courses, aiming to equip hundreds of new consultants every year as part of its technical operations programme. Andy Brown, Chief Commercial Officer, FDM Group, says, “Getting access to the latest cyber security expertise is a top priority for every business, and our partnership with ISACA will enable FDM to bring the very highest standards of service and skills to the market. We are very pleased to be working alongside such a prestigious organisation to equip the next generation with world-leading security expertise.” Jeff Angle, Senior Director, Academic and Workforce Development, ISACA, says, “FDM Group is widely recognised as a leading global provider of highly skilled IT experts. We are very excited to be teaming up with such an extensive workforce, sharing knowledge, best practice and industry expertise to further enhance their offering in such a crucial area.”

Neterra launches Startup Accelerator program

Neterra has initiated Startup Accelerator program with the aim of nurturing and supporting start-ups. Under this program, it is providing complimentary or substantially reduced services encompassing cloud, colocation, connectivity and cyber security. The neterra.cloud offering is built on cutting-edge Intel(R) Xeon(R) Platinum processors, offering unlimited data traffic and scalable enterprise-class storage solutions. This package also includes free backup, disaster recovery solutions, and DDoS protection for the initial six months. In a bid to further assist innovative start-ups, it grants access to colocation services in its Tier III+ data centres, including EU based Sofia Data Center 1 (SDC 1), Sofia Data Center 2 (SDC 2), SDC Stolnik, and SDC Ruse, coupled with their high-quality carrier-grade connectivity and global internet exchange through the NetIX platform. For the first six months, Neterra covers the expenses, while start-ups are responsible for their electricity costs. Following this initial period, the global telecom extends discounted colocation services starting at starting at 12 euros/1U rack unit/month. Additionally, Neterra is extending consultancy services to program beneficiaries, offering expertise in network architecture, hardware and software recommendations, configuration, best practices, and managed services for cloud, application servers, hosting providers, and more. The current start-up support program is a continuation of its longstanding commitment to assisting start-ups, a tradition that has been upheld since the company's inception nearly three decades ago. Back then, it played a pivotal role in helping numerous internet providers launch and prosper.  In more recent times, Neterra has demonstrated its dedication to supporting start-ups, as exemplified by its involvement with ucha.se, an online learning platform. Founder of ucha.se, Darin Madzharov, crossed paths with Neven Dilkov, Founder of Neterra, through a mentoring program aimed at nurturing and guiding young talents. In the early stages of development, it extended its support by offering complimentary services during the initial months.

Report highlights vision for digital infrastructure in 2030

In the face of rapidly increasing data volumes, relentless cyber threats, a critical shortage of skills, and the intricate demands of regulatory compliance, a startling 95% of businesses perceive their digital infrastructure as a risk to their operations.  The findings form part of a new report titled, ‘Vision 2030: Overcoming your digital infrastructure connectivity challenges and requirements’, from Telehouse International Corporation of Europe, a global data centre service provider.  250 UK IT decision-makers were surveyed to gauge their opinions on the digital infrastructure challenges and opportunities they are likely to face over the coming decade. Data deluge and infrastructure needs Looking ahead to 2030, a resounding nine in 10 (89%) of respondents anticipate the need for high-density, high-performance computer systems to harness the massive volumes of data generated by the IoT, widespread AI adoption, machine learning, advanced data analytics, and the expansion of cloud-based remote work. Moreover, 75% of organisations expect their data management responsibilities to increase significantly. Data vulnerability looms large Highlighting the growing apprehension among IT professionals, a significant 42% of respondents pinpointed software as the most vulnerable aspect of their digital infrastructure over the next decade. This finding underscores the urgency for organisations to bolster their software defences. Preparedness gap: The IoT and edge computing challenge The survey exposed a readiness gap, with more than half (55%) of respondents acknowledging their partial readiness to grapple with the challenges posed by emerging technologies like the Internet of Things (IoT) and edge computing. About 11% of organisations admitted to having limited capabilities, a shortcoming that could significantly hamper their growth and competitiveness if not promptly addressed. Skills shortage persists The scarcity of IT skills remains a pressing issue, particularly regarding emerging technologies. Nearly a third (29%) of decision-makers identified artificial intelligence (AI) as the area where their organisation faces the most significant skills deficit. Meanwhile, 20% identified a shortage of cloud-related skills, and 14% expressed concerns about security expertise. To bridge this skills gap, 35% of organisations have initiated internal training programs focusing on AI, edge computing, and cyber security. AI integration and security concerns The research also highlighted a shifting landscape of challenges for IT decision-makers. Since Telehouse’s 2020 research, the percentage of senior IT professionals foreseeing the integration of AI and analytics as their most significant infrastructure challenge has grown from 23% to 33%. Notably, cyber security emerged as a prominent source of anxiety, with 33% expressing that cyber attacks are their top concern regarding downtime. This anxiety is exacerbated by the evolving landscape of regulations and compliance standards. Colocation on the rise As the complexities of security and compliance intensify, 54% of organisations are opting for colocation services over on-premises IT infrastructure. This represents a notable increase from the 33% reported in Telehouse's 2020 research. Investment and partnerships: The path forward Amid these challenges, 61% of respondents plan to increase their investment in data centre infrastructure over the next decade, while 33% expect investment levels to remain steady. Additionally, one-fifth of organisations are exploring commercial relationships with colocation providers to bolster their connectivity capabilities in the face of the impending data deluge. Mark Pestridge, Executive Vice President and General Manager of Telehouse Europe, comments, "Our research underscores the formidable digital infrastructure challenges that organisations are grappling with as they navigate emerging technologies amidst a persistent shortage of specialised IT skills and mounting concerns about cyber risks, downtime, and regulatory compliance. The exponential growth of data and the growing demand for digital connectivity make it imperative for businesses to adopt robust models and establish the right partnerships to harness connectivity opportunities."

UK organisations buckling under huge data security strain

Over a quarter (29%) of European organisations have been unable to fully utilise data within their organisation due to challenges with data security, according to an IDC InfoBrief, sponsored by Immuta.   This data security “gap” is a result of organisations grappling with increasingly complex IT and data infrastructures internally, leading to huge siloes of sensitive data. Businesses must manage this alongside the external risk of rising cyber attacks in Europe, as 58% of UK organisations experienced an increase in cyber attacks in the last 12 months, followed by 49% in DACH and 47% in the Nordics.    According to insights from 108 European organisations, data security is rising rapidly to the top of the CEO’s agenda, 45% will prioritise spend on data security, risk and compliance this year to enable trustworthy data collaboration and sharing, followed by workplace solutions (36%), application development and deployment platforms (35%), infrastructure and operations (33%) and automation technologies (31%).  Organisations must also address a new blind spot caused by shadow data - a side effect of data sprawl in the cloud - with only 42% of European businesses selecting 'confident' or 'highly confident' in their ability to discover and classify sensitive data, both known and unknown, in the public cloud.   Meanwhile, evolving privacy regulations are creating tension between digital innovation and data sovereignty, only 15% of organisations in Europe are highly confident in their ability to discover and classify sensitive data in order to protect it. Additionally, when managing compliance with GDPR, the biggest challenges facing organisations stem from identifying and mapping personal data (41%), creating data protection by design (40%), data retention and deletion (38%) and data security (35%).  In the UK, organisations cited working from home and hybrid work as the top operational security priority for 2023, followed by cyber resilience of systems and data privacy and regulatory compliance. 58% described their organisation as 'confident' or 'highly confident' in its ability to discover and classify sensitive data, both known and unknown, in the public cloud - a significant increase on the European average (42%). 56% of UK organisations will expand or upgrade technology related to data access and governance in the next 12 months. “The reality is that organisations are typically operating with data spread across multiple platforms and locations, all whilst navigating a rapidly evolving privacy and regulatory landscape,” says Colin Mitchell, General Manager, Immuta. “Data is a critical asset for organisations, enabling collaboration, innovation and informing decisions. However, as data usage increases, businesses need to manage unauthorised access, breaches and misuse. This creates a complex dynamic between data utility — the usefulness and accessibility of data — and the security and compliance measures in place to protect data from risks.”   Looking ahead, organisations are exploring ways to build trust in data by streamlining their security operations and rationalise their existing security tool environment, 49% of respondents all working within security plan to expand or upgrade implementation of data access controls in the next 12 months. Nearly a third of European organisations (32%) also intend to increase spend on data discovery and classification to overcome challenges of complexity.  The IDC InfoBrief sets out how convergence to a data security platform enhances sensitive data protection across hybrid multi-cloud environments, while enabling authorised users to effectively utilise the data for business purposes. The full findings of the IDC Data Security Infobrief can be found here. 

Logpoint and METCLOUD to tackle cyber security challenges

Logpoint has announced a partnership with METCLOUD in the UK to address fundamental cyber security challenges for organisations, as the threat landscape worsens and cyber security expertise becomes increasingly scarce. METCLOUD will offer Logpoint Converged SIEM, including SIEM, SOAR, UEBA, AgentX, and Business Critical Security (BCS) technologies, to empower customers to efficiently manage, identify and remediate cyber threats across the business landscape.  “Logpoint’s solutions give us a greater breadth of capabilities around predictive and preventative analytics, and management and insights across the technology landscape. Logpoint has a unique offering with BCS for SAP, enabling us to address the significant SAP ERP market,” says Ian Vickers, CEO at METCLOUD. “SAP customers account for 87% of total global commerce, which is an enticing target for cyber criminals. Furthermore, the rapid adoption of AI/ML, IOT, OT, VR, digital twins, robotics and automation makes for a more connected world and as such significantly increases the risks of cyber attacks.” METCLOUD is providing Logpoint Converged SIEM and support services via its private and hybrid cloud offering. Logpoint’s cyber security platform protects the entire business by providing comprehensive threat detection, investigation and response across clients, servers, network systems, cloud workloads and business-critical applications​. In addition, METCLOUD has developed its own AI and data analytics services that integrate with Logpoint converged SIEM to further accelerate the speed of threat detection and remediation. “We’re excited about the synergies that the partnership between METCLOUD and Logpoint brings to market. The ability for mid-market organisations to consume SIEM-as-a-Service with SOAR capabilities included is valuable because it speeds up threat detection and remediation and this sector tends to lack the expertise, resources and experience required,” says Jesper Zerlang, CEO at Logpoint. “For larger organisations that are likely to have well established SOC capabilities in-house, Logpoint BCS for SAP is a unique, enhanced security offering that adds more capabilities to existing teams.” Logpoint has a range of customers in the UK, spanning the public sector and industries like finance, manufacturing, defence, and retail. By converging SIEM, SOAR, UEBA, endpoint security, and BCS technologies into a cyber security operations platform. The platform is available on-prem, in private cloud, and as SaaS.

Cyber attacks reach fever pitch in Q2 2023

Zayo Group Holdings has announced its annual Distributed Denial of Service (DDoS) insights report, analysing DDoS attack activity and impact across industries in the first half of 2023.   The global landscape of increasing digitisation, political unrest and the emergence of widespread adoption of work from home, have all contributed to an increase in DDoS attacks, which jumped 200% in H1 2023 compared to the full year 2022.   Key findings in brief: Rapid acceleration of attacks: There was a 314% increase in overall attacks from the first half of 2022 to the first half of 2023. But that’s putting it lightly—in some industries, the growth was over 1,300%. Q2 2023 reached a fever pitch: As attackers continue to exploit the sophistication of AI and automation, there was a 387% increase in attack activity from Q1 to Q2 of this year alone.  Industries under fire:Telecommunications companies were a prime target for attackers due to the critical role telecom providers play in providing communication and internet services. The industry saw the most frequent attacks, accounting for roughly half of the total attack volume, with more than 37,000 attacks in the first half of 2023. Education, which had the highest frequency of attacks in the first half of 2022, was just behind the telecommunications industry. Cloud and SaaS companies also saw a significant increase in the frequency of attacks from the first half of 2022 to the first half of 2023. Retail, telecommunications and media companies experienced the largest attacks, with an average attack size of 3Gbps across all three verticals, which is a large enough attack to take down one to two offices depending on the company size. The largest aggregate attack, against the telecom sector, was 978Gbps. Comparatively, in 2022, telecommunications and government experienced the largest attacks.  The government sector experienced the longest attacks of any sector, a change from healthcare in 2022. Across all industries, the average duration of attacks increased by 216% from Q1 to Q2, with the finance industry seeing the largest leap from 41min to 108min.  Why it matters: DDoS attacks are the most common cyber attack against an organisation’s online presence. These are deliberate attacks in which a target’s internet circuit is flooded with fake or illegitimate traffic to prevent true user traffic from passing. Even small attacks can cause hours of downtime, resulting in immense costs for businesses, including lost money, time, customers and reputation.  No matter the attack frequency, duration, or size, unprotected organisations experienced an average cost of $200,000 per DDoS attack, according to HubSpot. Even small businesses are hit hard, with average costs of $120,000 to recover. “When your business will get hit by a DDoS attack is a game of probability,” says Anna Claiborne, SVP of Packet and Product Software Engineering at Zayo. “With a huge rise in attacks in 2023 and more attacks over 100Gbps, the odds are not in your favour. While there are a myriad of statistics on the cost of remediating a DDoS attack, the long-tail loss of customer confidence after an attack is difficult to quantify and even more difficult to fix. Running any business on the internet without DDoS protection is a risk, and you have to ask yourself if it's one worth taking.” Click here for more latest news.