
What Can CFOs Do About DDoS Attacks?

Organizations are facing cybersecurity threats left and right, from disruptions in national services like the Royal Mail to fraud, IP theft, and malware in companies of all sizes. The costs of lost productivity, lost revenue, and reputational damage are often staggering. 

Finance functions in companies are particular targets for cybercriminals. The finance department holds the company’s “crown jewels” and ensures that transactions are accurate and secure. Even so, CFOs and other finance officers don’t always realize how important they are in preventing cybercrime at their organization. 

Corero CFO Phil Richards gave a presentation at the World Finance Forum in London about today’s top cybersecurity threats and how they can be mitigated. In this blog post, we’ll explore the most common cyberthreats in more detail and explain what finance officers can do to combat them. 

Common cyberattacks today

At Corero, we specialize in understanding DDoS attacks, but we know they’re far from the only cyberthreat. In fact, the sheer variety in today’s digital landscape is staggering. Malicious hackers have grown more sophisticated and organized, and entire industries exist to sell cybercrime services by subscription. 

So before we get into DDoS attacks and how CFOs can help mitigate them, we’ll explore two other broad threat categories facing companies. 

Cyber fraud

Cyber fraud can encompass everything from phishing, vishing, and whaling to identity theft and website spoofing. It’s particularly common for attackers to target top executives, administrators, and executive assistants so they can gain access to the most valuable resources possible. 

Training employees on security best practices is key to avoiding these attacks. But CFOs also play an important role in mitigating cyber fraud, since they have the power to invest in the right analytics and threat protection. Without proper resources for understanding, detecting, preventing, and recovering from fraud, organizations are flying blind in a risky landscape. 

Malware and ransomware

Another broad threat category, malware is any malicious software designed to damage or gain access to a computer or network. It includes viruses, worms, trojans, spyware, and more. 

Perhaps the best-known type of malware attack is ransomware. Ransomware attackers operate by gaining access to a system, encrypting its data, and either refusing to release the decryption key or threatening to publish the data unless a ransom is paid.

As with cyber fraud, there’s no substitute for good employee training around common malware threats. However, finance executives again play a critical role in mitigating these threats by analyzing their organization’s risk level, factoring prevention into their budgets, and maintaining a healthy balance between digital transformation and data protection. 

“Typically, the expectation has been that chief information security officers (CISOs) are solely responsible for protecting the entire asset base and ensuring that all security needs are met,” writes the CFO of RiskLens. “However, chief financial officers (CFOs) are just as vital to managing cyber risk, which is now inherently also business risk.” 

DDoS attacks

One of the first things a CFO should do to protect their company against DDoS (distributed denial of service) attacks is to gain a comprehensive understanding of the threat itself. 

The concept behind a DDoS attack is fairly basic. A “botmaster” (attacker) sends launch commands to a botnet, a network of private computers that have been infected with malicious software. The hundreds or thousands of infected hosts in that botnet then send malicious traffic to the victim’s server, overwhelming it and making it unable to respond to legitimate requests.

Although the premise of DDoS is simple — a volume-based attack designed to overload capacity — the execution is often sophisticated, and the effects are highly damaging. Attacks are also much more frequent than many executives realize, with an average of 10 attacks per customer per day in 2022. 

Below, we’ll cover some surprising statistics from our recent research into the DDoS attacks experienced by Corero customers. 

75% of attacks occur in under ten minutes

Attackers know that legacy DDoS protection solutions often take over 10 minutes to defend a system against an attack. As a result, attackers have engineered their attacks to be shorter and shorter while still inflicting maximum damage. 

98% of attacks are under 10 Gbps

The increasing sophistication of DDoS attacks means that attempts don’t need to be huge and don’t need to saturate internet links. Instead, they can be relatively small, at 10 gigabits per second or less, and inflict just as much damage. 

There’s a 27% chance of a repeat attack

One-off DDoS attacks still happen, but changing motives have increased the probability of a repeat attack. In 2022, one in five DDoS attacks included ransom demands, with the threat of continued attacks if payment was not made. 

What should CFOs do about DDoS attacks?

Finance executives are constantly balancing business goals against security needs. On the one hand, they need to protect their company’s networks and systems; on the other, they need to balance their budgets. 

Many DDoS threats can seem small and insignificant, and it would be easy to overlook a DDoS protection solution in favor of cutting costs. 

But that would be a mistake. Even small DDoS threats can be insidious, evading on-demand services and causing major damage for companies. 

Doing nothing about DDoS is not an option

The consequences of a DDoS attack can be devastating for a company’s financial stability and reputation. CFOs who choose not to invest in DDoS protection will soon find that their security issue has cascaded into a budgetary problem.

That’s because downtime from a DDoS attack translates directly into lost revenue. In today’s highly competitive market, the customer churn from even brief outages can be substantial. This is true not only for traditional e-commerce websites but also for any business that delivers online transactions or services. 

DDoS-related downtime can also disrupt internal operations and hinder employee productivity. If cloud-based services or internal systems become inaccessible, team members will be unable to perform their tasks efficiently. This can result in delayed projects, missed deadlines, and increased labor costs. 

And that’s not to mention the substantial costs of restoring services, paying service level agreement (SLA) penalties, and repairing reputational damage after a successful DDoS attack. 

Work closely with IT and security teams

CFOs must be hand-in-glove with their organization’s IT operations and security teams to understand their DDoS exposure risk, potential liabilities, and mitigating actions. 

First, by working closely across departments, CFOs can gain insight into the existing network infrastructure. This will help them identify vulnerabilities that may make the organization more susceptible to DDoS attacks and allocate resources accordingly.

Second, CFOs should become aware of the legal and financial consequences associated with DDoS attacks, from breach of SLAs and other customer agreements to violation of regulatory requirements. Collaborating closely with IT and security teams will help them to assess their liabilities, evaluate the financial impact of those liabilities, and effectively manage risk. 

Third, CFOs should work to identify the necessary investments in infrastructure, technology, and personnel to mitigate the impact of DDoS attacks. With the right input from IT and security staff, finance executives can ensure that their organization has adequate protection against potential DDoS-related losses. 

Focus on training and educating employees

CFOs must drive evaluation of the risks their businesses face from DDoS attacks. This includes not only direct risks but also indirect risks like supply chain attacks and exposure to cyberthreats through third-party vendors.  

But CFOs should also place a strong emphasis on training and educating their employees. Employees are often the first line of defense against cyberthreats, including DDoS attacks, and they play a critical role in maintaining their company’s cybersecurity posture. By investing in comprehensive training programs, CFOs can empower employees with the knowledge and skills they need to identify and respond to potential DDoS attacks effectively.  

DDoS attacks often exploit human vulnerabilities to gain access to an organization’s network. CFOs should recognize that well-trained employees act as a strong deterrent against such attacks. By educating employees about DDoS and other security attacks, an organization can cultivate a culture of cybersecurity awareness and create a capable, attentive team.

Defending against DDoS with Corero

At Corero, we’re constantly tracking the evolution of DDoS attack vectors to provide companies with the best possible protection. The sophisticated attacks that we see today are typically short, sub-saturating events that are hard to distinguish from legitimate traffic – but they still cause poor network performance and low availability. 

To counter these attacks, we offer flexible, automatic DDoS protection. We don’t rely on legacy approaches or on-demand cloud scrubbing, which can create minutes-long delays in detecting and mitigating malicious traffic. Instead, we enable DDoS protection at full edge bandwidth, effectively shrinking the detection-to-mitigation-to-protection timeline to seconds. 
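The statistics above (most attacks under ten minutes and under 10 Gbps) and the point about minutes-long detection delays can be made concrete with a small simulation. The following is an added illustration, not Corero’s code or a description of its product: it runs a constructed one-second traffic series past three detection rules and reports when each would first fire. The link size, traffic levels and detector settings are all constructed for the example.

```python
# Added example (not Corero's code): a 7-minute, 9 Gbps burst on a 100 Gbps
# link never trips a link-saturation alarm or a "confirm for 10 minutes"
# detector, while a short trailing-window baseline check flags it in seconds.
from statistics import mean
from typing import List, Optional

LINK_CAPACITY_GBPS = 100.0   # constructed: size of the edge link
BASELINE_GBPS = 4.0          # constructed: normal inbound traffic level
ATTACK_GBPS = 9.0            # constructed: sub-saturating, under the 10 Gbps mark
ATTACK_START_S = 600         # constructed: burst begins ten minutes in
ATTACK_LEN_S = 420           # constructed: seven minutes, i.e. under ten


def constructed_traffic(duration_s: int = 1800) -> List[float]:
    """One inbound-rate sample per second (Gbps) with a single short burst."""
    return [ATTACK_GBPS if ATTACK_START_S <= t < ATTACK_START_S + ATTACK_LEN_S
            else BASELINE_GBPS for t in range(duration_s)]


def saturation_alarm(series: List[float], fill: float = 0.9) -> Optional[int]:
    """Fires only when the link is nearly full; blind to sub-saturating attacks."""
    for t, rate in enumerate(series):
        if rate >= fill * LINK_CAPACITY_GBPS:
            return t
    return None


def legacy_confirm_detector(series: List[float], threshold_gbps: float = 6.0,
                            confirm_s: int = 600) -> Optional[int]:
    """Fires once the rate stays above threshold for confirm_s consecutive seconds."""
    run = 0
    for t, rate in enumerate(series):
        run = run + 1 if rate > threshold_gbps else 0
        if run >= confirm_s:
            return t
    return None


def inline_baseline_detector(series: List[float], factor: float = 2.0,
                             window_s: int = 5) -> Optional[int]:
    """Fires when the trailing window_s-second average exceeds factor x baseline."""
    for t in range(len(series)):
        if mean(series[max(0, t - window_s + 1):t + 1]) > factor * BASELINE_GBPS:
            return t
    return None


def compare() -> dict:
    """Second at which each rule first fires; None means the attack went unseen."""
    series = constructed_traffic()
    return {"saturation": saturation_alarm(series),
            "legacy_10min": legacy_confirm_detector(series),
            "inline_5s": inline_baseline_detector(series)}
```

Running `compare()` shows the burst ends before the ten-minute confirmation window can ever complete, which is the gap short attacks are built to exploit; the trailing-window rule fires four seconds after the burst starts.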

To learn more about Corero’s security solution for DDoS protection, detection, and response, schedule a demo today. 

Sources

Royal Mail Resumes Overseas Mail at Post Offices After Cyber-Attack | BBC News 

The Premier London Finance Conference | World Finance Forum 

How CFOs Can Prevent Phishing Attacks With Cybersecurity | Insights for Professionals 

Ransomware Conversations: Why the CFO Is Pivotal to Discussing and Preparing for Risk | IT Security Guru