Cybersecurity requires more than just a single action or approach because threats exist on many levels. Some of the biggest threats, in fact, can be internal: employees who aren’t fully aware of cybersecurity threats like phishing are a risk; incorrect configurations within your infrastructure can bring your website down (in fact, configuration errors can bring down half the internet). Cybersecurity isn’t just about securing web traffic through transport layer security (TLS) or putting up a firewall, even though these are necessary fundamentals.
The statistics around data breaches and personal information misuse are alarming. In the United States alone, there is a new victim of identity theft every two seconds. As of June 2020, at least 16 billion records (including personally identifying information, credit card numbers, and sensitive information) were breached or leaked. The United States Federal Trade Commission (FTC) received more than 1.4 million complaints about identity theft in 2020 (up from 651,000 in 2019). More than 33 percent of Americans, according to a Proofpoint survey, claim to have experienced identity theft. IBM statistics indicate that the average cost of a data breach is almost four million USD.
During periods of fear and uncertainty, such as the COVID-19-dominated period we’re living in now, the risk for cyberattacks, such as DDoS attacks and costly data breaches increases exponentially. For some perspective, recent data shows (before coronavirus lockdowns and its unforeseen security risks hit):
The COVID-19 virus has attacked more than just health and people’s freedom of movement. It has also succeeded at undermining online security as more organizations and people rely on their online presence exclusively and turn to internet-based work, study, purchases and communications. The traffic spikes characteristic of the early part of the crisis have started to stabilize, meaning that uptime should also be stable for regular traffic, regardless of volume if you’re monitoring your availability and making provisions for redundancy. But irregular traffic booms, which are often the harbinger of a distributed denial of service (DDoS) attack is entirely another creature.