August 12, 2021
GRF Cybersecurity Risk Assessment and Scorecard Blog Series
Organizations use their online presence to attract donors, members, and clients from around the globe – often using videos, pictures, and interactive resources to engage these visitors. It is essential for web pages and content to load quickly because delays in load time could mean the loss of a potential client or donor.
Content delivery networks (CDNs) speed upload times. CDNs are geographically distributed servers that work together to provide web content quickly to end users. The network essentially houses copies of a website and its content in multiple data center locations, reducing the load on one server.
CDNs have many benefits. Not having your web content all on one server mitigates the risk of a Distributed Denial of Service (DDoS) attack – when hackers crash a server by sending it a huge volume of traffic all at once. CDNs can also provide important disaster recovery measures. If one server is out of service, the CDN can re-route traffic to other servers. CDNs can also reduce your web hosting costs, as they are set up to optimize the content for distribution, reducing bandwidth.
Common Risks and Vulnerabilities
CDNs are not without risks however, particularly related to the reputation and management of the systems they use.
If your CDN uses a data center that is associated with frequent suspicious behavior, your IP address may be deemed suspicious, even if you’ve done nothing wrong. Sites like Facebook, Amazon, and many email servers use IP blacklists to protect their users from possible cyberattack or fraud. Having a bad IP or domain reputation can cause your website, emails, and any associated online assets to be blocked entirely by some services.
Further, a CDN using unpatched or outdated systems is vulnerable to attack, making your website and online assets vulnerable too.
How GRF Can Help
Through our Cybersecurity Risk Assessment and Scorecard, we will scan externally facing assets to identify any potential vulnerabilities you may have with your content delivery network. The results will show any risks your organization currently has and provide remediation steps.
For more information on GRF’s Cybersecurity Risk Assessment and Scorecard, reach out to our Senior IT & Risk Analyst Darren Hulem, CISA, Security +, PCIP, or Risk Analyst Tom Brown, CAPM, through our contact us page.