‘Segmentation is fastest growing security solution
The unfortunate truth is that you could buy everybody’s security products, and malware will still get into the enterprise, says Tom Leighton, CEO of Akamai Technologies, as he settles down to talk to us during a trip to India recently. Akamai started off with technologies that accelerated content delivery, but Leighton says that in 2023, the security business will become the company’s biggest product line.
Most security companies have seen a surge in business since the Covid pandemic, following the massive shift to digital transactions. Leighton says security breaches are inevitable as companies shift to the cloud. “Enterprises are enormous, many of them don’t even have visibility into all their applications and what app is accessing what, and you move to the cloud, suddenly your environment changes, and you don’t know the right security policies to put in place,” he says.
Open source risks
Even open source technologies, which enterprises are increasingly using, often come with vulnerabilities. “It became a big issue when vulnerabilities were discovered in Log4J, and more recently the OpenSSL vulnerabilities. Enterprises had to scramble to find out where they had that software. It’s open source, so it’s everywhere. And it takes them weeks or months to find it in that massive enterprise infrastructure,” he says. The Log4J and OpenSSL vulnerabilities had existed for many years.
He says hackers across the globe, including in India, have become so sophisticated that they do not need to get into a system to cause trouble. And most of this is happening in the area of credential theft.
“There could be an email that looks like you’re going to your bank’s site or you click on your favourites, and the bank site shows up, rather it looks just like your bank. You type in your password. Without you even realising, they have your password,” Leighton says.
Such ‘man in the middle’ kind of attacks are increasing in India with an increase in e-commerce.
Leighton provides the example of one of Asia’s largest banks that identified 200 phishing sites within one week of a Beta test using Akamai’s Guardicore product.
There are a variety of security solutions today, designed to protect enterprises from different kinds of threats, designed to defend different parts of the digital infrastructure. But Leighton says the fastest growing for Akamai is the segmentation solution.
This is like placing a firewall on every action an application can do. “The damage isn’t caused with the first machine the malware gets into with ransomware, or with data exfiltration. With ransomware, the damage is caused when it spreads and locks everything down. Usually, it does not matter what the malware does to the first server that is compromised. In data exfiltration, the malware may first get into a server that has no data. But from there, it spreads and goes and collects all the data, and exfiltrates it,” Leighton says.
Segmentation technologies come with a zero trust security framework which dictates that only authenticated and authorised users and devices can access applications and data. This enables quick identification of malware, and then it restricts the malware to that segment. “If it gets in but cannot spread, you won’t have any damage. Segmentation has become more and more of a requirement for critical infrastructure companies,” Leighton says.