
Financial Services Overtakes Gaming As The Top Vertical For DDoS Attacks | Steve Winterfeld – Akamai


Guest: Steve Winterfeld
Company: Akamai
Show: Let’s Talk

Cybersecurity attacks are on the rise with organizations seeing a huge growth rate of API attacks. Yet the geographical landscape is also changing with the EU now experiencing the most distributed denial-of-service (DDoS) attacks, overtaking the U.S., according to Akamai’s latest State of the Internet report.

In this episode of TFiR: Let’s Talk, Akamai Advisory CISO Steve Winterfeld shares highlights of the report, the challenges in the cybersecurity landscape and how Akamai is helping customers.

Key highlights from this video interview are:

  • It is one thing to be taken offline because of a hardware failure or a cloud outage, but it is another thing altogether when someone is deliberately trying to take the company offline. Winterfeld talks about some of the ways active adversaries are taking businesses offline and how the risks have changed over the years.
  • Winterfeld discusses the reasons why cyberattacks are more prevalent now, saying that today's environments are complex and data often sits with a third party. He goes into depth about the huge growth rate of API attacks, what is causing this trend, and the repercussions.
  • Certain industries are more susceptible to cyberattacks. Winterfeld talks about their latest report and how financial services can be particularly vulnerable, ranking number one this year as the most attacked.
  • Winterfeld discusses the changes they are seeing in the cybersecurity landscape for different regions and types of attacks. He tells us that while the US used to be the most attacked region for denial of service, now it is the EU. He goes on to share some of the other trends they are seeing.
  • Generative AI is gaining a lot of limelight right now, and Winterfeld believes we will start to see it being tied into automation more to help defenders get better information faster. However, Akamai has been using machine learning for a long time and will continue to dig deeper into utilizing it on the threat side.
  • New attacks such as HTTP DDoS attacks and server-side request forgery are becoming more prevalent. Winterfeld talks about the constant stressors around federated legislation and access to talent and how this is leading to an increased need for visibility in complex environments.
  • Winterfeld discusses to what extent culture is responsible for these stressors. He talks about how culture is becoming harder to manage with a predominantly remote workforce and the need to develop cyber evangelists to teach that culture about risk.
  • Akamai ensures its tools are able to adapt to customers’ risk appetite, and they work to help you optimize and manage the tool. Winterfeld talks about how they are helping customers better understand the threat landscape.
  • Winterfeld shares his advice for developers and CISOs, saying that developers need to consider how people will abuse and break what they build and work out ways to counteract this, which may be around visibility or interrupting an attack sequence before it is complete.
  • To help people avoid making the same common mistakes, Akamai has published their OWASP Top 10 for webpages, APIs, and LLMs. Winterfeld also discusses the need to reduce complexity with fewer vendors, better standards, and better integrations.
  • Winterfeld talks about how organizations can find that balance between maintaining what is stable and trying out new tools, saying that if organizations feel that innovation is going to give them an advantage then they may go more toward trying new products. He also urges caution for others who do not feel like it gives them an advantage.

This summary was written by Emily Nicholls.