As the cyber threat landscape continues to evolve, e-commerce-based organizations often find themselves at the forefront of the computer-generated battlefield. The pressures organizations face is often more than they can grip, and as a result, they frequently find themselves sacrificing security for business performance. Although they have good intentions attempting to secure themselves, their customers, and their lines of business, oftentimes their good intentions are simply not enough. Hackers are eroding their profitability models, making fraudulent transactions, causing bot-induced outages, triggering information breaches, and the list of difficulties keeps growing for this industry.
Before the days of the Internet, most organizations who sold something only had to worry about their value proposition, their competitors, their unique product lines, their margins, and their sustainability. As long as sales were marginally increasing, and expenses were being managed appropriately, the viability of the organization was in check. However, this equation is no longer the case. Not only do online organizations face stiffer competition, they must also continue to do something, make something, or sell something that isn’t available anywhere else for the same price. As if this wasn’t enough, now organizations face an online criminal element looking to break their backs - and often their bank accounts.
Some of the largest e-commerce organizations have unlimited security budgets, tons of security technology, teams of network engineers, and security personnel by the dozens. These organizations spend untold amounts of money to keep their operations humming along. Although these organizations are lofty targets, hackers tend to focus on easier pickings. At the opposite end of the spectrum are the smallest of online organizations. These organizations often have no budget, little technology, no engineers, and little if any need for security. The reason for this is simple – they have nothing anyone would want to steal. If they went offline, were breached, or lost money, no one would know the difference.
In between the largest and smallest of organizations just mentioned, you’ll find the mid-market e-commerce operators. This market sees some of the greatest online challenges. They must continue to operate in a profitable fashion, while at the same time defend themselves from unlimited numbers of threat actors. Most people don’t realize that mid-market operators are targeted by hackers more often than any other sector. The reason for this is simple: they have something hackers want, they often have marginal security, and they are an easier, more valuable target. And here is where the problem lies.
Oftentimes, mid-market e-commerce operators have very limited options. In most cases, their margins are very thin, and they have little if any money available to shore up their cyber defenses, hire security-minded network personnel, and add security oversight and expertise. Although they desire to do a better job at cybersecurity, the reality is they will never be able to spend like the big e-commerce organizations. Security technology can be extremely expensive to deploy, there are massive skilled-personnel shortages, and security expertise is too costly with extremely high turnover. The mid-market e-commerce organizations have been primarily ignored by security technology vendors who have little if any offerings for this space. However, all of this is about to change.
As e-commerce organizations begin to move to the cloud for a host of different reasons, this is also where they can find the most relief. What mid-market e-commerce organizations of all sizes need to do is embrace the “modern-day security cloud” and what it has to offer. This security cloud is the perfect solution for those with limited budgets, limited personnel, and limited security expertise. Protection does not need to be at the expense of performance, and performance does not need to be at the expense of protection.
The modern-day security cloud delivers affordable protection and security for those who need it the most. Cloud operators have adopted sophisticated machine learning capabilities based upon human versus bot identification. More advanced managed security providers are offering cutting-edge techniques such as bot traffic shaping, where human traffic is prioritized immediately, while unwanted bot traffic is silently dropped. These security cloud operators also add multiple layers of protection to defeat DDoS attacks, manage malicious bots, protect from malware uploads, defend web applications to the highest degree, and protect API backends from malicious API calls.
The security cloud also offers performance and security at the edge, no matter where it lies. It delivers sophisticated caching, optimized routing based on anycast, and unlimited and elastic scalability for both performance and protection. This allows organizations to mobilize huge amounts of machine processing capacity, in just a few milliseconds, and only for the duration of its need. The security cloud can also engage the full scale of its cloud network, which can be used to automatically defeat resource consumption and denial of service attacks of any size; due to its availability and high performance.
Finally, the security cloud is also managed 24x7 by some of the most highly skilled network engineers who keep it operating under all conditions. In addition, the security cloud includes security experts with years of experience defending some of the most critical networks, against some of the most sophisticated attacks. It is certified to the highest of security standards and undergoes rigorous testing and auditing on an ongoing basis.
To those that embrace the modern-day security cloud, it means they are able to have just as good security as those with the largest of budgets. They also have access to as many network engineering personnel as they need. And finally, they are being protected by some of the best security resources available, all for an affordable, manageable cost. The landscape is changing for the mid-market e-commerce operators, their needs are being addressed, and relief is finally here.
About the Author:
Leon Kuperman is the founder and CTO of cloud-based cybersecurity firm Zenedge. He brings a passion for web application and more than 18 years of e-commerce and information technology leadership to the company. Prior to co-founding Zenedge, Leon was a co-founder of HostedPCI Inc. and president and CTO at Bidz.com. At both companies, his focus was on addressing the security challenges facing e-commerce websites today. Leon has also had CTO roles at Modnique.com and Truition (where we was also the founder). He began his career at IBM, which is where he was awarded a patent relating to e-commerce caching systems. Leon holds a B.A.Sc. in Computer Science from York University.
