Three Discrepancies that Weaken DDoS Mitigation Strategies

Share Article

Nexusguard held two seminars at the annual Info Security, highlighting the rising threats of cyber crimes and the possibility of complying with multiple International security standards through a single, unified framework.

News Image

Nexusguard held two seminars at the annual Info Security, highlighting the rising threats of cyber crimes and the possibility of complying with multiple International security standards through a single, unified framework. The leading Internet security provider also showcased its enterprise solutions at the forum. The two sessions covered a variety of hot topics, including new vulnerabilities, the latest innovations in DDoS defense, and updates on PCI DSS 3.0. One of the talks, in particular, detailed the efficiency and security gains enabled by integrating DSS PCI 3.0 and ISO 27001:2013 into a unified framework, the latest trend in regulatory compliance. A unified framework will benefit businesses by allow them to achieve compliance with multiple standards in a more cost-effective manner.

Cyber Warfare: Why Me?
Nexusguard researcher Tony Miu’s session was titled, “Cyber Warfare: Why Me?” Through thorough analyses of real-world cases, Miu emphasized three discrepancies in the network security world that can undermine a business’ DDoS mitigation strategy:

1. Attack vector vs. security standards: Attackers are becoming increasingly creative when it comes to attack methods. It is becoming increasingly difficult for companies to keep up with attackers; strictly complying to standards and relying on best practices is not enough.
2. Customized attacks vs. inspection checklists: Attackers now commonly launch customized, site-specific attacks, making standard inspection checklists less effective.
3. Attack cost vs. defense cost: The cost of cyber attacks is continuously dropping, while the cost of deploying and maintaining comprehensive defense mechanisms are climbing ever higher..

Because of these discrepancies, attacks occur again and again. Nexusguard’s solutions are designed specifically to help businesses overcome the rising threats of cyber attacks.

In a separate session, “Integrating ISO 27001:2013 and PCI DSS 3.0 for Regulatory Compliance,” Nexusguard Consulting Information Security Manager Bruce Lan talked about how businesses should integrate the two security standards for more efficient use of resources.

The latest PCI DSS revision clarifies ambiguities in control measures, organizing the Communications & Operations section into two separate sections: Operations Security and Communications Security. The security of mobile devices is also emphasized in PCI DSS 3.0. In addition, software development and maintenance is now included in the Operations Security section. Moving forward, Lan believes that all international security standards will be incorporated into a unified framework. Not only does this help reduce the waste of resources, it also helps increase security, since new standards can be added to the framework as additional security layers.

Nexusguard Consulting, Nexusguard’s team of professional consultants, offers a full range of services that help businesses secure their applications, data and networks and applications: from drafting internal information security policies to ensuring regulatory compliance to designing and deploying practical network and DDoS defense solutions.

###

About Nexusguard
Nexusguard is an industry-leading Internet security service provider, proven by years of experience mitigating thousands of attacks per month. Established in 2008, Nexusguard continues to provide innovative end-to-end, cloud-based Internet security solutions. By protecting clients against the ever-increasing and evolving multitude of Internet threats, Nexusguard's cloud-based security solutions empower clients around the globe with uninterrupted services. For more information, please visit http://www.nexusguard.com.

About Nexusguard Consulting
Nexusguard Consulting is an Asian-based information security specialist company, delivering services that secure critical data, protect identities and help customers demonstrate ongoing compliance. Nexusguard Consulting is a sister company of Nexusguard Limited. For more information, please visit http://www.nexusguard.com/security_consulting_services.htm

Follow us on Twitter: http://twitter.com/NXG_PR
Like us on Facebook: http://www.facebook.com/NXG.PR
Follow our company on LinkedIn: http://www.linkedin.com/company/nexusguard

###

Press Contacts:
Benjamin Yip - Marketing Manager
+852-3526-0626

Ivy Wu - Marketing & PR Executive
+886-2-2659-8958
media(at)nexusguard(dot)com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Ivy Wu
Nexusguard Limited
+886 26598958 Ext: 5124
Email >
@NXG_mkt
since: 02/2013
Follow >
Visit website

Media