Network resilience often requires the use of new tools and technologies. Many enterprises may not have the internal expertise to address modern needs. In this virtual keynote presentation, Adam will discuss the types of technology that can help improve network resilience and the skills organizations need to use those technologies.
View the entire Network Resilience Boot Camp event on-demand here.
A transcript of the conversation follows below. Minor edits have been made for clarity.
Bonnie D. Graham: Let me give you a little introduction to our conversation here today. Network resilience often requires the use of new tools and technologies. Many enterprises may not have the internal expertise to address these modern needs. This session will discuss the types of technology that can help improve your network resilience and the skills today's organizations need to use those technologies. Let me tell you about Adam Gordon, and he's standing by. Adam is an advanced security practitioner, an author, a global speaker, an educator, and an executive with decades of cybersecurity, information assurance, GRC, information technology, regulatory, and cloud experience. That's a lot of experience, Adam.
He currently enables Fortune 500 companies to learn to leverage their portfolio of hardware, software, and services to maximize the success of their IT systems and processes while ensuring they are resilient. Adam works with complex technologies and solutions such as Google GCP, SharePoint, Skype for Business and Teams, Amazon, AWS, VMware, enterprise messaging, directory services, Citrix, DRP, BCP, as well as Microsoft Azure. And after Adam's presentation, please stick around. I'm going to have a fireside chat with Lihi Shadmi, Product Manager of Network Security at Google Cloud. Adam, are you ready to take it away?
A deeper dive into network resilience
Adam Gordon: I am, Bonnie. Thank you for that wonderful introduction, and I'm looking forward to spending some time with everybody. So, to be totally transparent before we get started, no generative AI was used in the creation of this presentation. No humans were displaced as a result of that. I'm looking forward to spending time chatting with you about how we enable network resilience and some of the approaches that you can hopefully use and may even be leveraging already in your organizations. What are those essential tools and technologies? As Bonnie already indicated, I encourage you, if you do have questions, to throw them into the Q&A area. Bonnie, we'll make sure she keeps track of those. We're not going to deal with them while I'm presenting, but I promise you, if there are questions, I will attempt to follow up with you and give you answers once we get done after the whole session is done over the next day or so. So, please do take advantage of that.
Alright, so with that, let's get started, and let's talk a little bit. I thought it was good to get started from the perspective of some of the facts that we often face as network administrators, IT professionals, and security professionals, focused on a variety of areas – quickly sneaking a peek at the attendee list, as people were getting ready onboarding and joining us. There's a good mix of private sector, public sector, government, etc.
I think all of us, without exception, are not only concerned with but are also facing many of the issues that I'm going to call out in the next few slides. Just from a fact perspective here, I found an interesting item as I was getting ready to do the presentation. I did some background research on the current level of DDoS that we are facing in the first quarter of 2023. So, the first 90 or so days of the year that we're in. We're now roughly approaching the halfway mark, but for the first quarter, according to the Kaspersky Report that you can see on the screen, I did the quick math.
Over 57,000 DDoS attacks were reported in Q1 alone. When you break that down, that's going to give you approximately 91 days. You think about 57,000 or so attacks over 91 days; that's just about 626, so let's round up and say 630 attacks approximately every day without fail. Now, that's a fairly large number, and when we think about the fact that those attacks are increasing in complexity, sophistication, and targeting – it really does become, I think, a wake-up call for us. Network resilience, as we'll talk about in the rest of the presentation, is a multifaceted and multi-dimensional thought process.
Multi-dimensional approach to network resilience
It's not just, "let me strengthen my network by eliminating obvious single points of failure." That's at the heart of any resilience conversation we have regardless of what the approach is, but it's a lot more than just limiting single points of failure in one specific technology, one area, and one silo. It must be a holistic and really well thought-out approach because otherwise, you tend to miss many of the supporting elements that, as we'll come to find out through the presentation, will be the difference between success and failure.
On the rise in 2023, not just DDoS but hyper-volumetric DDoS attacks. This was really becoming a thing in the last 18 to 24 months but is starting to gain more traction in terms of awareness. Not only in one community individually but broadly across communities that are addressing this concern. The single biggest volumetric attack to date was over 71 million requests per second. If you think about that, that exceeds Google's previous world record. That's probably not the kind of world record you're proud of holding, but they were the target of the single largest hyper-volumetric DDoS attack to date until this most recent one. That was roughly about 46 million requests per second, according to Cloudflare, who tracks all this, which means that it almost doubled in size in terms of the volume and the capacity to launch those attacks and the most recent one. Now, again, you're not the target of that attack, perhaps, and so you may be breathing a sigh of relief, saying, 'network resilience has seemed to be doing okay.' We're not being targeted by nation-state actors or botnets that are looking to do harm in these areas.
Whether or not you're being targeted by hyper-volumetric attacks by any of those 57,000-plus DDoS attacks that were on record in the first quarter or have never been the target of an attack, I think the last factoid I want to share with you in this first slide is probably the most telling, which is the cost of downtime. Every one of you, without exception, in your businesses and your organizations has had to deal with the effects of downtime at some point. Whether it was planned, accidental, purposeful, malicious, whatever it may have been. We have maintenance windows, SLAs, and we have things that we address downtime formally with change management, release and deployment management, and configuration management. Regardless of how we do it, there is a cost of downtime, right?
Follow up with me, and connect with me, but if you have questions, as I mentioned, please make sure they're in the question area. I will attempt to get back to you and have a conversation with you once we get done presenting over the next couple of days. I appreciate your attention, as well as your thoughtful questions, whatever they may be. Bonnie, back to you.