The Cybersecurity and Infrastructure Security Agency has released guidance for evaluating and mitigating the risk of distributed denial-of-service attacks against various agency websites and web services.
The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance aims to help agencies prioritize DDoS mitigations based on mission impact and make risk-informed decisions on using available resources most effectively, CISA said Wednesday.
CISA recommends that agencies use the document as a reference when conducting an impact analysis to inform the prioritization of protections for agency assets and choosing the appropriate security controls to address the risks to organizational operations.
Federal civilian executive branch agencies are encouraged to review the guidance and apply the recommendations to protect their websites and web services against DDoS attacks.
