Written by Sr. Solutions Engineer, Micah Maryn.
Most folks around the Washington DC beltway have heard the cybersecurity Executive Order (EO 13800 - Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure) referred to as a simple risk assessment. But the reality is that it is much more about broadly modernizing federal IT infrastructure and improving the cybersecurity of our federal networks. Sure, the first step is a risk management report, but the next focuses on procurement of shared IT, including cloud and cybersecurity services.
Sound familiar? It should.
Beginning with the "Cloud First" policy of the previous Administration, there have been consistent recommendations from the federal government for the use of shared IT and cloud services as a method to modernize federal IT. As we know, modernization can reduce the cost of operations and maintenance, and increase investment into continuous development, modernization and enhancement (DME).
The second part is critical to cybersecurity; In the rapidly evolving threat landscape continuous DME is required if you are to adapt to and mitigate emerging threats. Cybersecurity needs to be scalable and adaptable. Expanding host infrastructure or relying on the Internet Service Provider (ISP) to mitigate the size of attacks generated by highly distributed botnets, like Mirai, is not a practical approach. Furthermore, physical infrastructure often limits adaptability.
What's different is that the new policy expands the scope of shared IT services to specifically include cybersecurity. This cloud security will improve cybersecurity with services and solutions that will extend the security perimeter in fronts of the ISP, providing agencies with the scalability and flexibility they need. With the security layer extended to the Internet, visibility is also increased.
I used the botnet example earlier, but cloud security helps with other attacks, as well, including volumetric attacks targeting websites and/or applications, DNS and the host network. Cloud security is also good for application layer attacks designed to exhaust resources, deface web sites and steal data. It can also help prevent infrastructure failures, secure remote access and prevent internal users from inadvertently introducing threats.
One thing that each of these risks has in common is what lies between potential threats and the host environment, namely the Internet. This is where cybersecurity needs to begin, and this is where Akamai can help.
Akamai extends the security perimeter to the edge of the Internet with a set of security solutions integrated into the largest, most distributed, FedRAMP accredited (JAB-ATO) cloud infrastructure on the Internet - the Akamai Intelligent Platform™. Consisting of more than 233,000 servers in over 130 countries and within more than 1,600 networks around the world, the Akamai Intelligent Platform™ is deployed within one network hop of 85 percent of all client users - extending the security perimeter to within one network hop of 85 percent of all threats.
Akamai has carefully designed the platform architecture to be robust and fault tolerant. Reliability is ensured with layers of redundant infrastructure and systems with dynamic failover mechanisms. As a result, the Akamai Intelligent Platform™, and the solutions operating within it, have a 100 percent availability service-level agreement.
Highly distributed threats require highly distributed solutions, and this architecture enables Akamai to mitigate the largest volumetric attacks targeting websites and applications (ports 80/443), DNS (port 53) and network layer attacks that target all other ports and protocols
Not all threats are volumetric, which is why Akamai has develop security solutions that mitigate application layer threats and availability risks. A fully featured Web Application Firewall (WAF), acknowledged by Gartner, Inc. in the "Leaders" quadrant of the "Magic Quadrant for Web Application Firewalls." Akamai's WAF inspects inbound messages at the edge, blocking malicious injections, cross site scripting, enforcing application specific rate controls and dynamic IP blocks. Akamai's bot-management tools allow agencies identify the types of automated bots and apply specific rule based actions for managing the rate of access or mitigations that do not trigger changes by the botnet operator. Akamai also provides dynamic routing to mitigate the impact of regional Internet failures and dynamic failover to alternate locations if the primary host is unavailable.
There are also internal risks introduced by remote access and inadvertent connections to malicious hosts like phishing and malware sites. Leveraging Akamai's Intelligent platform, organizations can gain remote access to specific internal applications without allowing remote users direct access to the network and prevent users from within the network from connecting to malicious hosts.
Behind Akamai's security solutions is the ability to aggregate threat intelligence. Because of the global scale of the Akamai Intelligent Platform™, Akamai has unmatched visibility into Internet activity and active threats. Akamai is able to rapidly analyze the vast amounts of data aggregated by our platform with dedicated teams managing analysis tools to identify emerging threats to improve security by:
- Identifying new attack trends as they develop or new attack vectors when they first appear
- Developing and integrating new features and rules, or refining existing ones, to mitigate newly discovered threats
- Warning at-risk customers of an emerging threat and support making adjustments to their security posture
- Issuing specific threat advisories to customers
- Providing threat intelligence data feeds to customers.
Finally, Akamai has assembled a team of security experts who are proactively engaged in increasing the security posture of our customers and our platform. Akamai offers a managed security service, operating five Security Operations Centers around the world that maintain 24x7 operations to support our customers during any security event.
So why is Akamai talking about the cybersecurity Executive Order? Akamai has the platform and the solutions that will improve cybersecurity for federal agencies by extending the security perimeter to the edge of the Internet. Our architecture expands the scalability to match the largest threats, with solutions that can be tuned to meet the most granular requirements. Finally, Akamai has the threat intelligence and resources necessary to adapt to the ever-evolving threat landscape.