What will you do if your organization is the next target of a distributed denial of service attack? Hacktivists recently launched DDoS attacks that caused online outages at several major U.S. banks. Each institution was warned in advance; none were able to prevent disruptions. And while banks are the current targets, any organization could be next. Join this panel for expert insight on:
Why these recent DDoS attacks elude traditional defenses;
New security solutions to help detect and respond to DDoS attacks;
How to respond if you are attacked - from ramping up fraud prevention in other channels to what to tell customers about the attacks.
Beginning in mid-September, hacktivists initiated a series of sophisticated DDoS attacks against major U.S. banks, including Bank of America, Chase and Wells Fargo.
The attackers claim to be waging a cyber war against top-tier banking institutions because of outrage over a YouTube movie trailer believed by the hacktivists to be anti-Islam. In each instance, the group has given at least 24 hours notice before launching the DDoS attacks. But not every institution so far has successfully avoided online outages resulting from the attacks.
These incidents send two clear messages to security leaders:
The sophistication and strength of the DDoS attacks are greater than organizations have seen before. One industry expert measured the DDoS traffic flow at one institution to be 65 gigabytes per second - roughly 65 times heavier than previous DDoS attacks.
Any organization is susceptible. Banks are today's DDoS target, but tomorrow it could be a government agency, merchant or healthcare entity that offends a hacktivist group with the resources to launch an attack. If banks, with their mature security programs and state-of-the-art defenses, cannot ward off these attacks, then what other organization can?
In this panel webinar, industry leaders with expertise in DDoS defense will present the unique qualities of these latest attacks, why no organization should feel immune, then discuss successful solutions that can empower organizations to detect, prevent and respond to attacks.
Leading the discussion is Matthew Speare, SVP of IT at M&T Bancorp. He will set the stage by discussing how his institution responded to the attacks against other banks, including preparation, security controls and customer communication strategies.
Speare then will be joined by thought-leaders from Akamai, Fortinet and Neustar, who will discuss a range of DDoS-related topics, including:
Sophistication of Attacks - In the past, DDoS meant brute-force network attacks. Now, experts say, they are not only stronger, but also morphing into application layer attack, which makes them harder to detect and block. What have we learned from these attacks, and which new solutions are best for identifying and rerouting the DDoS traffic?
A Cover for Fraud? - Sometimes DDoS attacks are meant as a distraction - to keep security personnel focused online while the fraudsters turn to other channels, such as the call center, to commit fraud. What are the account anomalies you need to be equipped to detect?
Incident Response - Not only does your organization need to be prepared to respond internally to DDoS attacks, but you also need to know how to communicate externally to customers. What's your message, and how can you take this opportunity to better explain your security posture?
Joffe's responsibilities include defining and guiding the technical direction of the company's Neusentry security offering as well as heading the company's cybersecurity initiatives. Joffe joined Neustar in 2006 after the acquisition of UltraDNS Corporation, a directory services company he founded in 1999. Prior to founding UltraDNS, Joffe was the founder and CTO of Genuity, one of the largest Internet service and hosting providers in the world.
Mulhearn, as Director - Product Management, is responsible for the FortiDDoS family of solutions. He has over 25 years experience in the networking and telecommunications industry and has been involved in a number of technology start-ups. For the past 15 years, Mulhearn has focused on security and 10 of those years, he was actively involved in the supply of DDoS mitigation solutions.
Smith serves as Akamai's CSIRT Director and is responsible for leading a team of web security incident responders and researchers that study the tactics, techniques, and procedures of web attackers and apply that knowledge to help protect Akamai customers during events such as Distributed Denial of Service. Prior to his current role, Mr Smith served as Akamai's Security Evangelist and as the customer-facing ambassador for the Information Security Team, helping customers to understand both the internal security program and the unique security features and capabilities of the Akamai product portfolio and cloud-based solutions.
Executive Vice President & Enterprise CIO, Regions Bank
Speare joined Regions in 2013 and serves as the head of governance and integration. Regions is a top U.S. bank-holding company headquartered in Birmingham, Ala., with $117 billion in assets, operating approximately 1,700 banking offices in 16 states. In this role, Speare has responsibility for information security; check, ATM/debit, and credit card fraud operations; and systems integration for consumer, business and commercial banking groups. Prior to assuming his current role in 2013, Speare was the chief technology officer for M&T Bank, an $82 billion financial institution based out of Buffalo, N.Y.