THUNDER BAY – BUSINESS – It was famously said that the only certainties in life are death and taxes. But while that may have been true back in Benjamin Franklin’s time, these days there are a few more things you can count on. Apple releasing a brand new version of the iPhone weeks after you buy yours. Your car’s engine emitting something that sounds suspiciously like a death rattle shortly after your warranty expires. And if you’re an online business or website owner in 2015, you can pretty much count on being targeted by a DDoS attack.
While the steady increase in the frequency and potency of DDoS attacks has of course resulted in a number of consequences for business owners and website owners, there’s also been a positive side effect for IT professionals in need of steady work. The numbers are in, and DDoS mitigation skills are in demand. Read on for the details of these new hiring practices, and what it means for internet security at large.
The dangers of DDoS
If you don’t know the scary facts surrounding DDoS attacks, consider yourself blessed since you’re among the dwindling number that haven’t dealt with one yet.
An unmitigated DDoS attack has been shown to cost organizations upwards of $40,000 per hour, a figure made all the more hideous by the fact that not only are 45% of organizations hit with a DDoS attack, but 74% of those organizations are attacked more than once. In addition to financial losses, victim websites are also found to suffer a loss of consumer trust, hardware or software damage, or theft of data, consumer information or intellectual property.
There are risk factors that make some organizations bigger targets than others, most certainly. Online gaming companies, online gambling websites and financial websites are especially vulnerable due to their need for constant uptime as well as their troves of consumer financial information. However, with the rise of DDoS ransom notes and botnets for hire that make it easy (and affordable) for anyone with an internet connection to launch a DDoS attack, truly no website or online business is safe.
Logical want ads
It makes sense, then, that DDoS mitigation skills are suddenly high on the wishlist of every organization looking to hire IT professionals. Anti-DDoS service providers Incapsula certainly thought so, which is why they commissioned an analysis of IT job postings to see if the rise in DDoS attacks corresponded with a demand for IT professionals with DDoS mitigation skills.
In order to identify the trends in DDoS-related hirings, Incapsula hired an analytics consulting firm that mined data from indeed.com and dice.com job posting websites. The analytics firm used a JSON API to search for postings that included the term ‘DDoS.’ A total of 37 countries were included in this analysis. Indeed.com’s job postings went back four months, while dice.com’s postings went back 30 days.
There was found to be a total of 983 open positions in network engineer, sysadmin, DevOps and security categories. (DDoS-related job postings in marketing or sales categories were excluded from the analysis.) While these 983 positions were spread out over 37 countries, a full 85% of the postings came from just eight countries: the US, China, UK, India, Korea, France, Russia and Canada. The US lead the pack with 392 postings, while China came in second with just over 200.
While it was unsurprising that the United States had so much demand for DDoS mitigation skills, it was somewhat unexpected that China’s 200+ postings numbered more than the postings in the United Kingdom, India and Korea combined – the 3rd, 4th and 5th ranking countries in the study. Incapsula speculates that this could be due to the size of China’s workforce, Chinese companies’ intolerance of website disruption, or possibly a higher frequency of DDoS attacks within the country.
The study also found that over the four months from which the data was collected, job postings rose steadily in all four of the categories, with security, of course, having the most. Network engineers was the job posting category that was found to have the second sharpest increase in postings asking for DDoS mitigation skills.
Top eight countries looking for DDoS prevention skills (Source: Incapsula)
DDoS mitigation skill requirement by job profile (Source: Incapsula)
What it all means for you
If you’re in the market for an IT job and you have the skills necessary to mitigate the increasingly complex and increasingly devastating DDoS attacks polluting the landscape of the internet, then this is all good news for you.
However, if you’re a business or website owner, then this isn’t such a rosy analysis. If you aren’t already thinking about your own DDoS protection, you need to be. For some organizations this will mean writing up one of those job postings looking for IT professionals with DDoS mitigation skills. But for many companies, hiring new full-time IT professionals just isn’t a possibility.
Regardless of whether or not you’re in a position to make new hires, you absolutely require a DDoS prevention and mitigation strategy, which can be as simple (but as stunningly effective) as investing in professional DDoS protection. You may not be able to avoid taxes, but getting slammed by a DDoS attack doesn’t need to be a definite.