Akamai Diversity

The Akamai Blog

Recently by Meg Grady-Troia

Meg Grady-Troia

Meg Grady-Troia

May 11, 2017 3:12 PM

DDoS Attacks against DNS Infrastructure in the News

DNS-based DDoS attacks have gained mindshare among Akamai customers lately, most recently with last year's Dyn attacks (written about on the Akamai Blog here and here) and this week's attack against Cedexis. DNS infrastructure is a ripe target for malicious actors hoping to disrupt a digital property's availability because it provides the initial resolution for an end user's browser client from hostname to IP address. At best, an attack against

Meg Grady-Troia

Meg Grady-Troia

April 28, 2017 12:17 PM

Low Risk Threat: DDoS Extortion Letters

Summary Adversaries calling themselves the Lizard Squad have been sending businesses extortion letters, demanding payment in bitcoin to prevent a Distributed Denial of Service (DDoS) or other attack against their applications. These letters have been sent to businesses across the globe and across industries for several years, with little follow-through. These letters appear to come from multiple groups including Lizard Squad, the Armada Collective, and DD4BC, though in many case

Meg Grady-Troia

Meg Grady-Troia

March 27, 2017 9:21 AM

Supply Chain Security: Akamai from a Customer's Risk ...

Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the Currency (OCC) Bulletin 2013-29, wherein the OCC recommended that financial institutions strengthen their preparedness around third-party risk management, particularly in

Meg Grady-Troia

Meg Grady-Troia

February 15, 2017 10:24 AM

Information Security Custom Audits for Akamai Custom ...

Over the last two years, Akamai has seen an increase in the number of customers who wish to run their own review of Akamai, either to satisfy their own information security or risk management program, or to gain the expertise to explain Akamai to their regulators and consumers. This increase is due to a confluence of factors, from Akamai's increased global sales presence, to heightened regulation of certain verticals by

Meg Grady-Troia

Meg Grady-Troia

January 26, 2017 1:44 PM

Akamai's Global Content Distribution Network: Replac ...

Many customers ask Akamai about Disaster Recovery testing and Business Continuity planning as a part of their due diligence or risk management process. Customers expect to see a governance document maintained by a central authority, a list of systems with Recovery Point Objectives (RPO), Recovery Time Objectives (RTO), and a documented testing plan that is enacted quarterly or annually. Akamai reframes these questions to better match our approach to continuity

Meg Grady-Troia

Meg Grady-Troia

October 18, 2016 11:09 AM

Akamai Undergoes SOC 2 Assessment: Adding a Service ...

Akamai completed its first assessment against the SOC 2 standard this summer, and has released its first report on compliance under NDA. What is the SOC 2? The SOC (Service Organization Controls) 2 is a security standard aimed at Service Organizations. The SOC 2 is developed and maintained by the AICPA (American Institute of CPAs),which breaks goals for secure operations into 5 different categories called trust principles. The trust principles

Meg Grady-Troia

Meg Grady-Troia

August 9, 2013 8:14 AM

DefCON Observations from a First-Timer

In April of this year, InfoSec launched a new team called Customer Compliance. Several senior InfoSec employees joined its ranks, and I was hired into the team. My name is Meg Grady-Troia, and I'm a member of Akamai's Customer Compliance team because I am an anthropologist, an educator, and a writer. My job is finding creative and effective ways to begin sharing Akamai's security posture and platform with our customers,