Insight by Akamai

Zero Trust: Content delivery network and cybersecurity

The Akamai Framework

Instances are occurring so fast that by the time you find it, you look at it, and you deter it, they've already morphed, and they've come up again because they've figured out you're onto them, and they're back at it again.

Most people involved in the world of the internet have heard of Akamai Technologies. They are famous for a cloud delivery platform that increases web performance and speed of media delivery. This is increasingly important because, in the coming years, 70 percent of all internet traffic will be video.

One can fairly say that the focus of Akamai is primarily streaming, internet, and security.

The progression was logical. After a start in streaming, Akamai moved on to content delivery. They are well known in the federal marketplace for helping distribute large files as well as having the robustness to handle peak loads.

It can be argued that in the past six years Akamai has become the largest cloud security company in the world.

Because Akamai has expertise in internet traffic, they know it is impossible to project the type of traffic you can expect. Nobody can provision and enterprise to provision for that range. This is true for national emergencies as well as predicting for an attack like a massive Distributed Denial of Service (DDOS) attack.

Rob SanMartin, sales director for Akamai, said that in today’s environment, the speed at which attacks take place is unprecedented.

“Instances are occurring so fast that by the time you find it, you look at it, and you deter it, they’ve already morphed, and they’ve come up again because they’ve figured out you’re onto them, and they’re back at it again,” he said.

During a recent interview with Federal News Radio at the Akamai Government Forum in Washington, D.C., SanMartin pointed out an enterprise cannot defend a DDOS attack from inside network. In fact, he cited reports of attacks as large as 1.3 TB per second. This is two and one-half times as large as seen before. All this took place in less than an hour.

Attacks of this magnitude put Akamai in the perfect position to help. One aspect of decreasing cybersecurity attacks is through identity management. Akamai Chief Executive Officer Dr. Tom Leighton recently said “identity will make or break trust in a digital ecosystem.”

The identity of the user must be done rapidly even with the high volume of traffic. Akamai has systems that allow for sophisticated identification of users based on characteristics like keypress detection. From there, they can score internet addresses from one to ten. From this point, humans can take the analytical part of the equation to determine to deter or not to deter.

“We’re constantly grading the reputation of the user as towhat type of activity you’re doing,” SanMartin said. “Are they things you should or should not be doing? You get scored on a scale of 1 to 10.”

Identity management is also important because more than half of logins today are not by humans, but rather by bots. A bot is a set of software instructions that can run automated instructions over the internet. They can operate at much faster speeds than humans.

SanMartin said Akamai can identify the malicious actors before they even get a chance to attack your enterprise. This is a relatively new concept called “bot mitigation.”

One key concept in bot mitigation is trying to determine if you a human or are you a bot.

This entails many factors, including the reputation of the person who has access, geographical location, time of day, kind of access required, and other factors.

The days of an appliance that acts as a firewall are useless against today’s threats. Today’s software development teams must be fast, flexible, and innovative. These are the concepts that Akamai can provide to enterprises of all kinds.

 

Listen to the full interview: