Not a day goes by without a headline about the latest data breach or attack. Yet, in the complex world of security, how do we keep up with the ever-changing threat landscape? In this episode of TFiR: T3M, Swapnil Bhartiya sits down with Tony Lauro, Director of Security Strategy at Akamai, to discuss the security landscape and how it has evolved. He goes on to talk about zero trust and how company culture comes into the mix. He discusses how Akamai is helping customers with their security needs and shares some advice on steps they can take to become more secure.
The evolution of security from traditional IT to cloud-native
- A lot of the risk of security was offloaded onto the cloud provider 10 or 15 years ago; however, it quickly became clear that this was more infrastructure and operational assurances rather than the efficacy of your security controls. Yet as some are evolving to multi-cloud environments, the complexity of security is growing.
- We are now realizing that there are a lot of application security risks with web apps, prompting us to need to understand how it is being developed and getting the security into the pipeline rather than as an afterthought.
Are companies taking security seriously?
- The vendor space is relying heavily on security vendor relationships since building security into your applications is time-consuming and costly. There is a feeling that we are now reaching a point where developers and operations cannot handle all the complexity of security on their own.
- There is a drive toward automation with security at the forefront of the decisions being made.
Major breaches that were a cause for concern
- There have been a number of concerning data breaches and malware outbreaks in recent times but Lauro believes this is indicative of how we treat traffic once it is inside a network.
- A large group doing ransomware also released their source code last year while others are good at exploitation, which has made it easier and more lucrative for malware writers. We need to look at the weakest link and correct the course.
How has the landscape of security changed
- Lauro tells us they have seen a huge increase in local file inclusion (LSI), a threat actor that attacks in order to gain access to a device so they can get inside a network. Whereas several years ago it would have included SQL injection, remote file inclusion, and cross-site scripting, LSI is on the rise in all industries. Lauro discusses the prevalence of LSI and the potential repercussions.
The state of Zero Trust adoption
- Lauro believes zero trust is being adopted more widely now. Organizations are realizing much of our workforce is not going back to the office, so remote access has taken a central focus.
- Lauro explains the zero trust model and how it has changed over the years. Lauro believes that there is not a strong crypto relationship between the device that you make the authentication service and the FA device you say yes to. Lauro discusses the risk factors of current MFA and how the new MF technology is changing this situation.
- Software-defined micro segmentation is another key factor of zero trust enabling you to have the controls in place should a malware outbreak or bad threat actor occur.
The impact of cultural change
- Some organizations’ cultural change is advancing quickly on the defender side, teaching users not to be the weakest link. However, Lauro feels we need to create technology that works in spite of user disadvantages. He talks through the case of micro-segmentation and how attackers’ malware can take advantage of the network.
How does Akamai help its customers remain secure?
- Akamai has been deploying systems into motion multinational data centers since 1998, but customers having security problems led to their first cloud web application firewall.
- Akamai takes the telemetry of all the security events from around the world and they apply the data to customers’ security controls to help with the decision-making on what to allow or not.
- They also apply that security and intelligence into the network in software-defined microsegmentation, secure web gateway services, and zero-trust network access.
Advice for customers
- Do an analysis of your weakest areas, for instance, the DOD has a security maturity model where you can look at different controls and capabilities and compare them to other organizations.
- Since your applications are distributed across different cloud environments and vendors, so is your data. Security also needs to be broader with a more holistic approach.
This summary was written by Emily Nicholls.