One in five businesses surveyed believe that their online services should be protected against DDoS attacks by their IT service providers (in particular, network providers). However, this responsibility often falls on the shoulders of companies that come under attack, according to Kaspersky Lab.
On average, 28% of all businesses are of the opinion that protection against DDoS is not their concern. In fact, the survey shows that smaller companies take less responsibility for protecting their services against DDoS attacks.
40% of small businesses surveyed are confident that they are fully protected by network service or web hosting providers. Among large companies, less than 9% share this viewpoint. Only 9% of small and 2% of large companies rely on the police and the government.
At the same time 44% of respondents believe that their IT departments should protect them against DDoS attacks. 16% of those surveyed rely on their senior management, 8% on the security department, and 4% on the Risk Management Department. In total, only 72% of companies agreed that combating DDoS is their responsibility (50% of small businesses compared with almost 90% of large companies).
“By relying on IT services providers, many companies are putting themselves at risk”, said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab. “Vendors do not usually offer this protection as a default option. Moreover, many providers are simply unable to provide reliable protection against DDoS attacks using their own resources because DDoS attacks are constantly getting bigger and more complex. Reliable protection can be only provided by companies that specialize in protection against cyberthreats and can offer highly efficient technologies and a team of qualified experts capable of constantly upgrading these technologies to meet an ever-evolving threat.”
Experience shows that almost any company, regardless of size, is a potential victim of a DDoS attack. According to the study, 28% of small businesses suffered a DDoS incident. Among large companies affected, this figure is slightly higher at 43% over the 12-month period. The experts also warn that an attack could cost more than $52,000, even for a small company.