The Internet was not designed for business and is inherently insecure, which is why cloud-based security is so important. Vulnerability issues are amplified by the fact that applications are often designed for performance, not security. The high value of assets and transactions stored and conducted online has led to an inevitable increase in the incentives for cybercriminals. In addition, lower barriers to entry due to easy accessibility of sophisticated attack tools, and the growth of politically and commercially-driven hacktivism, are correlated with an increasing number and size of attacks in recent years.

The most effective and scalable cyber protection methods for defending against denial of service attacks and data theft involve stopping the threat far away from your data center. Would you choose to fight a pack of intruders at your house if you had the option of stopping them at the city wall or country border instead? Rather than fighting an attack on your doorstep, cloud-based security stops attackers in the Internet cloud, before they reach your business.

It depends on who your cloud computing service provider is, but in a lot of cases they don’t have the knowledge, expertise and infrastructure to stay current and ensure your services are uninterrupted during a large distributed denial of service (DDoS) attack or to defend your assets against sophisticated, multi-vector attempts to steal your data.

It’s difficult to find the most-trained and most-capable security personnel. In addition, as with any profession, those who do the highest volume of work become most proficient. The cybersecurity experts in a security operations center of a major cloud security service provider will have exposure to more types of threats and more experience stopping threats for a large number and wide variety of clients than individuals who work with fewer clients.

Cloud-based security can help to secure websites and data centers to reduce the risk of downtime and data theft. For example, Akamai offers cloud security solutions to mitigate a wide variety of threats and deliver threat intelligence, such as:

• Multi-layered defense;
• Managed DDoS protection service for critical websites and web applications;
• Managed DDoS protection service for the entire data center;
• DDoS detection service for early notification of network-layer DDoS attacks and application-layer DDoS attacks;
• Application-layer defense to protect against data theft through attacks such as SQL injections and cross-site scripting;
• Origin defense by cloaking web infrastructure and reducing vulnerability;
• Secure DNS resolution;
• Client IP reputation data for improved security decisions.

Every visitor to your site uses an IP address. Understanding the behaviour of an IP client can help your organization protect its websites and applications. This information can be procured from an IP reputation service . Such a service will analyze attacks made against other organizations to identify which IP addresses persistently generate attack traffic. This information is used in cloud security to whitelist and blacklist or alert on visits from client IP addresses based on their past behavior on the Internet.

It depends on how important avoiding site outages and data theft is to your business.

Gartner expects “by year-end 2020, more than 50% of public Web applications protected by a WAF will use WAFs delivered as a cloud service or Internet-hosted virtual appliance — up from less than 10% today.” 1 There’s good reason for that. DDoS protection and DNS protection are also available from cloud security providers, including some that offer web application security. As a result, cloud security firms can combine multiple cybersecurity protection services for convenience and economy of scale. Cloud security services that engage in extensive cyber-intelligence and take a multi-layer security approach have additional benefits. DDoS attacks are best defended from a place with extra bandwidth, so sharing that extra network capacity among many clients shares the extra capacity among multiple enterprises.

Security solutions aren’t one size fits all, so it is important to choose a partner that has the breadth of solutions and experience to meet your particular requirements. To help with this process, determine if the following are important to you and ask your cloud security service provider questions such as:

• Do you offer managed services to provided 24/7 expert support, such as helping to steer us through web application firewall (WAF) optimization, attack management and reporting before and after a cyber-attack, and ongoing defense preparation such as regular reviews and an attack playbook for managing communication during an attack?;
• Do you have the flexibility and scale to protect what I have, whether it is two critical sites or a whole data center or an upgraded DNS infrastructure?
• How do you plan for the future? Do you have the capacity to defend against the biggest attacks?
• To what extent do you prioritize reducing false positives and false negatives?
• Will you prioritize keeping my site up when under attack? Do you ever Null Route traffic in order to protect other customers that use the same pipe?

The State of the Internet site provides cloud security resources to help enterprises understand, identify and mitigate cyber-attacks:

• Threat advisories;
• White papers;
• Trends and statistics;
• Blogs: Current cybersecurity issues;
• Global map of DDoS attacks;
• How to choose a web application firewall (WAF);
• Cybersecurity FAQs and best practices.

1Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D’Hoinne, Adam Hils, Greg Young, Joseph Feiman, June 17, 2014