Radware on Fighting the Fight Against DDoS Attacks and Why it’s Much Needed Today

From the standpoint of an Industry Leader, Radware has been helping enterprises keep their data safe. In the new decade, the threat actors are on a warpath and organizations need to be one step ahead in countering these threats. But it is not easy and not everyone is prepared.  Mr Nikhil Taneja, VP & MD of Radware – India, the Middle East and South Asia, in conversation with CXOtoday, helps understand the challenges of the new-age cyber threats and the reality of organizations’ preparedness in mitigating them.

1. Recently, DDoS attacks have seen a substantial increase, especially from hacktivists. How do CISOs counter the menace that is happening on a much more sophisticated scale?

It is important to first understand the main reasons behind this increase in DDoS attacks and their magnitude.

The first six months of 2022 were marked by a significant increase in DDoS activity across the globe. Attacks ranged from cases of hacktivism to terabit attacks in Asia and the United States.

The number of malicious DDoS attacks climbed by 203% compared to the first six months of 2021. There were 60% more malicious DDoS events during the first six months of 2022 than during the entire year of 2021.

During the first half of 2022, patriotic hacktivism increased dramatically. Both established and newly formed pro-Ukrainian and pro-Russian cyber legions aimed to disrupt and create chaos by stealing and leaking information, defacements, and denial-of-service attacks.

Outside of the war realm, cybercrime groups re-emerged and went on with business.

1. Groups like DragonForce Malaysia made a return in 2022,
2. OpsBedil Reloaded occurred following certain events and OpsPatuk was launched in reaction to public comments made by a high-profile political figure in India.
3. During the first half of 2022, a renewed campaign of RDoS attacks by a group claiming to be REvil emerged in May 2022, Radware discovered several ransom-demand letters from a group posing as Phantom Squad.

All and all this time these groups were not only sending warning notes for ransom before the attack started, but also embedded the ransom note and demands within the payload.

Unfortunately, DDoS protection service is not on top of mind for many organizations. At best they would use techniques like Black holing which are highly ineffective against these sophisticated attacks. Some CISOs fall back on clean pipe solutions for the ISP which provides some level of protection from DDoS attacks but not all. CISOs who understand the damage that a DDoS attack can do to an enterprise have gone in for full-fledged DDoS attack detection and mitigation solution that provide L3-L7 protection as well as protection from a variety of advanced and sophisticated attacks like Brust attacks, Encrypted attacks, IoT BOTnet attacks, etc.

2. How equipped are the companies to improve their knowledge and security features against the increasing cyber threats?

1. Both inherent riskand residual risk are increasing, driven by global connectivity and usage of public cloud services. Business leaders can no longer solely rely on off-the-shelf cybersecurity solutions like antivirus software and firewalls as cybercriminals are getting smarter and their tactics are becoming more resilient to conventional cyber defenses. It’s important to cover all the fields of cybersecurity to stay well-protected.
2. Cyber threats can come from any levelof your organization. Workplaces must include cybersecurity awareness training to educate staff about common cyber threats like social engineering scams, phishing, ransomware attacks and other malware designed to steal intellectual property or personal data
3. Since not every organization can invest heavily in building in-house capabilities to manage and run various solutions, it’s important to get an expert opinion on what solution will suit the organization. Opting for Managed Security Services is a trend that we see where any organization can reap huge benefits from:
   1. Expertise of solution provider to provide a tailor-made solution
   2. Very cost-effective solution
   3. Faster deployment
   4. No headache of having in-house staff to manage these solutions

3.Where do the majority of the companies stand in terms of preparedness against cyber threats that are changing rapidly?

Most large enterprises are well prepared to counter a variety of cyber threats. This is out of stringent Regulations and compliances that they have to meet, greater need to protect sensitive data and its PII information and to protect the Brand image that has been built over the years.

Mid-enterprise segment customers have varying levels of preparedness with companies which are born in the cloud or cloud-first have looked at cyber security more seriously. But a lot of traditional and conventional businesses still rely on basis of technologies like AV for endpoints and Firewalls for the perimeter. The preparedness of SME-SMB is the least among the 3 segments as they lack both funds and knowledge to invest in the right solution.

4.There have been increasing concerns about cloud security with the changing work landscape, where does Radware stand in providing the right security tools for cloud security?

Pandemic has brought a huge wave of adoption of cloud and digitization amongst all Indian enterprises. Even government departments that never thought about using private or public cloud services had to put certain workloads on the cloud. A large number of companies now have Hybrid deployment. Cloud Security is a Grey Area for almost everyone including some large enterprises. The key pain points are

1. Lack of knowledge on what’s the right solution
2. Lack of in-house expertise to manage solutions
3. Delay in go-to-market as the solution may interfere with existing business processes
4. Cost-effectiveness and unsuriety of ROI
5. Multi-cloud deployment, Hybrid network

All the solutions offered by Radware address all of the above pain points and more:

Frictionless: Our solutions seamlessly integrate into the existing business processes without inducing any interruption

Faster GTM: The deployments are lightning fast to ensure that any new applications are ready for deployment to public usage without having the fear of it being attacked

Managed Service: Since all the solutions are offered under fully managed service, organizations can focus on building core business and not worry about building a team to manage deployed security solutions

Easy on Pocket: The solution offers huge relief on the pocket and works on Pay-as you grow model ensuring that as you grow your business so does the expanse of solution without pinch to your pocket

360-degree Protection: Providing comprehensive protection for your complete Application environment as well as Infrastructure covering Application security, API protection, Bot protection and DDoS protection

Single Pane View: Be it hybrid cloud (private + public) or hybrid (on-premises + private/public), the customer will have complete visibility of all their applications deployed across these different environments under a single console, with actionable analytics

5. What is Radware’s focus for the Indian market? How has the company performed in FY-22?

We continue to be focused around our customer needs and becoming integral part of their Digital transformation journey. We maintain our market share leading position across segments we deal in be it ADC, Application Security or DDoS. We continue our focus & engagement with New MSSP partners within the region as we launch new Partnerships so that we can touch & serve more customers in the region. We have had strong H1’22 and expect even stronger H2’22, we are already on YoY growth on our Cloud Business which is fastest growing segment for us for last couple of years.