What IT security professionals can learn from Click Frenzy

  • CSO staff (CSO Online)
  • — 27 November, 2012 13:19

Aside from the hard lesson learned that failure to plan and prepare will most certainly lead to disaster, there are some important lessons on governing and best practice implementation security professionals need to take from the Click Frenzy event, according to cloud computing and security experts.

For cloud analyst Rob Livingstone, the experience underlined the importance of several common-sense guidelines that are well known in the industry.

“The Click Frenzy meltdown is a classic case as to why and where appropriately selected, well designed cloud-based infrastructure and applications should be used,” said Livingstone.

“It’s a textbook case – the need for rapid deployment and a highly volatile demand requiring significant scalability, all in a secure and trusted environment. The implementation appears to have failed on all counts,” he said.

Adam Biviano, senior manager, strategic products for Trend Micro, was surprised that such a high-profile event was able to disintegrate so quickly.

“The marketing of the campaign was obviously a success, with huge levels of interest from retailers and consumers leading up to the launch,” said Biviano.

“Online retailing, however, is far more than having good-looking websites and drumming up demand. Often there’s an underlying mentality that the look and feel of websites come first, with the quality and efficiency of the underlying infrastructure coming second, which is asking for trouble – the kind of trouble illustrated so dramatically in Click Frenzy,” said Biviano.

Biviano believes that online retailers, and cloud providers in general, have to understand the dynamics at play of the online marketplace, and provide appropriate investment for availability and security.

“The huge public response showed strong confidence in e-retailing. But confidence can be easily undermined, and reports of a leaked customer database showed that you cannot cut corners when it comes to security structure and processes,” said Biviano.

“The opportunities that cloud represents to business in terms of agility and earning potential is amazing, but the cloud will also slap you down if it’s not implemented correctly,” he said.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Tags: best practices, Click Frenzy, governance

VoIP hacking is phreaking expensive

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security and Data Protection

Protect your computers and data.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.