31 Mar 22
Cybersecurity risks are one of the largest global threats in the short and medium term. No one is exempt from a potential cyberattack, whether they’re organizations (however small), or individuals with no responsibility roles, or that aren’t known publicly. When it comes to companies, they can see a threat to the continuity of their business due to ransomware attacks that will prevent users from accessing the system, and DDoS attacks (distributed denial of service) that will saturate and block the server.
Today, practically every company has a website. And the website is one of the places through which cybercriminals can cause harm. In this article we want to talk about the importance of having a CDN (content delivery network), because a CDN increases cyber resilience. We bring this up in line with a document on best practices in cybersecurity, published by the two most important European institutions in this area: ENISA & CERT-EU.
ENISA is the European Union Agency for Cybersecurity, and CERT-EU is the Computer Emergency Response Team for the EU Institutions.
Cyber resilience is an indicator that shows how companies are preparing, surviving and recovering from a cyberattack. Cyber resilience is based on the ability to identify, protect, detect, respond and recover from any cyberattack, combining IT security, business continuity, and incident response.
Given the ever-changing attacks today, cyber resilience has become a key factor in determining the success of an organization. It helps companies defend themselves against cybercrime, mitigates risks and the severity of attacks and it allows business continuity. A cyber resilient company is well prepared to deal with cybersecurity incidents and can respond effectively and recover quickly when these attacks occur.
Cybersecurity aims to strengthen the organization’s defenses to prevent cybercriminals and malicious programs from compromising its network, data and IT infrastructure. It encompasses strategies and actions to keep threats to a minimum and to protect the company from losses, theft or damage.
We know that cybersecurity is a key part of the security strategy for an organization, but it never guarantees 100% protection against sophisticated cyberattacks. This is where cyber resilience comes into play, that includes the implementation of policies, solutions and clear steps to follow when threats are successful.
The publication that we mentioned at first, Boosting your Organization’s Cyber Resilience, ENISA and CERT-EU develop a set of recommendations that, if applied in a consistent and systematic way, will improve cybersecurity and increment resistance against attacks.
There’s a total of 14 items that encourage the application of these recommendations in all European organizations, both in the public and private sectors. One of these highlights the need of protecting websites from DDoS attacks (distributed denial of service). And for this, the recommended tool is a CDN (content delivery network).
Transparent Edge is the only Spanish provider of CDN services. A CDN is a network of nodes distributed globally that cache and replicate the original content from origin servers: when a user requests content, what they receive is a copy from the nearest node.
This proximity decreases latency and bandwidth consumption, and ensures quick loading times. All of this ensures a good user experience.
Besides providing a better user experience, the CDN acts as the first line of defense, that’s why it’s recommended by ENISA and CERT-EU. A CDN blocks bots, spammers and other malicious tools; it increases the security level with rules and mechanisms for protection, and it protects websites against DDoS attacks.
DDoS is an attack against a system, application or device: they saturate it with requests that appear to be legitimate, from various origins so that they’re more effective, complicated to stop and hard to detect their actual origin. The most common method is through a botnet network. During the first half of 2020, DDoS attacks increased by 151% in Spain. Besides, they’re becoming more sophisticated, with cybercriminals deploying multiple attack vectors.
The motivations behind a DDoS attack are varied. Ideological, business related (an attack from competitors, for example), economic (an extortion for money), or simply vandalism. Today we’re also seeing attacks as cyber warfare elements, in the context of the Russian invasion of Ukraine.
Any reputable CDN should be able to mitigate these attacks, analyzing and filtering connections, and implementing additional security measures for that traffic that seems legitimate but is not. To summarize, the use of a CDN increases cyber resilience.