Date: 2024-04-17

As everyone in the security space knows, misplaced confidence can often be much worse than a known weakness. When you have an accurate idea of where your vulnerabilities are, at least you can focus your mitigation resources there accordingly. But if you think your defenses are strong where they are not, or you don’t truly understand the adversary’s capabilities, then you will always misallocate your forces and leave yourself open to attack.

Unfortunately, that is almost always the case when it comes to DDoS protection. Our experience has shown that a large majority of companies are more exposed to DDoS attack than they think they are. The DDoS attack simulations we ran in the last quarter identified excessive vulnerabilities across industries and organizations of all sizes. Sixty-eight percent of the protection faults uncovered by our simulation tests were either severe (i.e., no detection or mitigation of an attack) or critical (i.e., only partial detection/mitigation).

Accurately Assessing Your DDoS Security Posture

The DDoS Resiliency Score (DRS), developed by Red Button, is an open standard providing an objective yardstick for quantifying an organization’s ability to withstand DDoS. It defines seven ascending levels of attack, each one introducing additional sophistication, vectors and traffic volumes. It is important to note, however, that different industries face different levels of threat. Based on real-world data, the finance, communication and gaming industries, for example, are among those prone to the most sophisticated DDoS attacks. The following chart indicates where various industries fall on the DRS threat scale, which naturally creates a benchmark for adequate protection in each sector. It allows you to evaluate what kinds of DDoS attacks your specific organization should normally be able to withstand.

The (Surprising) Results Are In

The problem is that most companies are completely unaware of both how much protection they need and how protected they actually are. That’s why they are so often truly surprised by the results of initial DDoS attack simulations.