Amr Alashaal, Regional Vice President – Middle East at A10 Networks on DDoS protection concerns.
2020 was a year that changed the world as we know it. The global pandemic revolutionized our work lives as remote working became the norm and this trend is expected to continue into the future. For communication service providers, the pandemic brought about challenges but also opportunities for growth – provided they are cognizant of customer demand and use patterns and adjust two key success factors – scale and DDoS security.
Clearly, a return to pre-pandemic working practices is unlikely to happen. To learn more about the impact on networks and cyber security that COVID-19 has had on service providers, A10 Networks commissioned a survey and the results from the Middle East provide interesting insights. A large proportion of the senior IT professionals that we surveyed were adamant that the workplace won’t snap back to how it was before COVID-19, and that they expect and are preparing for a hybrid approach to working practices. The pandemic significantly raised awareness around the resiliency of the network and the robustness of security, and going forward, subscribers and enterprises expect much stronger security from their communications service providers and will demand more in their SLAs and expand to other types of service providers to get this commitment.
Increase in Customer Demand
Without a doubt, COVID-19 has had a significant impact with 99 percent of all Middle East respondents having experienced an increase in demand. There is a lot of work to be done by SPs in the Middle East as they lag behind their compatriots in other markets in terms of scaling up network infrastructure in response to increased demand for data and network bandwidth from customers.
Ninety-nine percent of all Middle Eastern service provider respondents said that COVID-19 has accelerated their transition to a more distributed environment. Middle East communication service providers are seeing increased demand from different locations, and this has forced them to redistribute network capacity and scale up in specific locations.
Cyber Security/DDoS Security Concerns
The research highlighted the extent to which communications service providers are concerned about DDoS attacks and the need to mitigate them. Overall, it underlined that many communications service providers are vulnerable and, as a result of COVID-19, more are now investing in security in order to reinforce their defences.
One of the big cyber security challenges brought about by the pandemic with the ‘work from home’ scenario is that it has caused rapid expansion of the attack surface. Fifty-one percent of Middle East service providers have accelerated investment plans in security and this is a relatively low figure considering security, primarily DDoS security, should be a priority for every service provider. They have said that they would need additional capabilities and technologies to protect their customers’ networks from cyber-attacks in the next two years. DDoS protection is a big concern.
It is a fact that multi-vector DDoS attacks are increasing in frequency and volume, severely impacting businesses across the globe. Defending infrastructure, servers, application and users’ access during DDoS attacks can’t be accomplished by existing firewalls, intrusion prevention systems, and load balancers. In fact, in many instances, these systems are the target of attacks because they are vulnerable and can be overwhelmed by a flood of unwanted traffic. As communications service providers evolve with digital transformation and a cloud-native deployment model, they should prioritize applying more rigor to their security strategy — with up-to-date thinking and techniques — to address longstanding vulnerabilities.
The Impact of COVID-19 on Relationships and Investment Plans
As per the report, it is a mixed bag when it comes to investment. For the Middle East, the majority of respondents have planned to increase investment in security within the next three years due to the increase in traffic/ subscribers (51%). It is interesting that more than half the respondents in the Middle East plan to reduce investment in their own network and accelerate use of public cloud providers, while others plan to increase investment in networks (43%).
In terms of future investment plans, going forward providers are keen to ensure DDoS security across the network infrastructure – solutions like DDoS and ransomware protection services for enterprise customers and upgrading firewalls and other security appliances feature heavily in the plans.
Concerns Around Outages, Compliance and Multi-cloud Environments
When it comes to the diversity of environments, providers are concerned that they can continue to deliver a good level of service, so outages are top of mind, followed by granular visibility of traffic. Compliance with regulatory requirements for privacy and security was a joint third with maintaining consistent subscriber experience.