Here is a video full of highlights from CISO Series Video Chat: “Hacking Distributed Denial of Service (DDoS): An hour of critical thinking about how to predict, manage, and thwart massive traffic attacks.”
Our guests for this discussion were:
- Matthew Andriani, founder and CEO, MazeBolt
- Chris Grundemann (@ChrisGrundemann), research category lead (networking and security), GigaOm
Got feedback? Join the conversation on LinkedIn.
HUGE thanks to our sponsor MazeBolt
Best Bad Idea
Congrats to John Prokap, leader, IT security & compliance, Success Academy Charter Schools for winning this week’s Best Bad Idea!
Other honorable mentions go to:
“Forward all incoming DDOS traffic to your competition.” – Fred Gruhn, director, security and compliance, Service Management Group
“Have all employees vote on each firewall rule.” – John Prokap, leader, IT security & compliance, Success Academy Charter Schools
“Only use ephemeral IP’s for you Internet-facing ports and round robin them every 15 seconds so the attackers have no attack surface.” – Craig Hurter, director security operations, Colorado Governor’s Office of Information Technology
“Ignore it. The attackers will get bored and go attack someone else.” – Benjamin Corll, VP, cyber security and data protection, Coats
“Just pay the cloud provider for elastic compute.” – Jason, director, information security, Coalfire
“A DDoS attack affects the entire organization. Therefore, reaction and mitigation should be handled by HR.” – Sherman Homan, information technology manager, Stonebridge Solutions
10 percent better
“Set up an out of band communication plan (signal group, etc) with technical partners in case the DDOS affects normal communication channels.” – Duane Gran, director, information systems and security, Blue Ridge ESOP Associates
Quotes from the chat room
“The risk itself is owned by the business. The prevention, mitigation, resiliency, and response fall under CISO.” – Dutch Schwartz, principal security specialist, AWS