The Akamai Blog Subscribe
Why Zero Trust Needs the Edge
Backhauling traffic destroys performance, and backhauling attack traffic can destroy even more. Nevertheless, in a traditional security deployment model, we are faced with the lose-lose options of either backhauling all traffic to the security stack or allowing some accesses to not go through the security stack. Of course, in the modern world where cyberattacks can cause enormous damage, the latter option is not really an option at all. All traffic
Zero Trust Network Access Is an Oxymoron
Though Zero Trust is really quite simple and should be viewed as a very strong form of the age-old principle of least privilege, that does not mean that it is the same thing. In fact, one of the most significant differences from what came before is that when it comes to access, Zero Trust is based on application access, not network access. I was surprised, then, when Gartner's new SASE
Zero Trust: Not As Scary As It Sounds
If the term Zero Trust has been popping up in your news feed with astonishing frequency lately, you may be tempted to think that Zero Trust must be a brand-new technology cooked up in a research lab at MIT and powered by the latest artificial intelligence, machine learning, quantum computing, and a 1.21 gigawatt flux capacitor. In this and subsequent blog posts, I want to make the case that, in
The Countdown Has Started -- The Move Toward Zero Tr ...
In early May 2021, the President of the United States issued an executive order on cybersecurity, and though it will take some time for executive branch agencies to develop formal rules, the order itself includes a lot of what I consider to be best practice in cybersecurity, including the use of multi-factor authentication (MFA) and Zero Trust, mentioned by name. The call for adoption of cybersecurity best practices makes a
CISA Emergency Directive 21-03: VPN Vulnerabilities ...
On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive (ED) 21-03, after a FireEye blog shed light on security incidents involving compromises of Pulse Secure VPN appliances. The directive outlines the specific actions all US federal agencies should take
Adapting Security to Work Anywhere
"Working from home 2021" was the title of my talk at The Cyber Security Summit in January, and the strikethrough is important. After a massive shift away from common workspaces in response to the global pandemic, there is no more working remotely or working from home, there is just working. The axiom, "work is what you do, not where you go" has never before been so true. The possibility
Microsoft Exchange and Verkada Hacks: Isolate Your A ...
It's been an interesting start to March in terms of public security incidents.
Is MFA a Security Illusion?
A recent Akamai Security blog post, Massive Campaign Targeting UK Banks Bypassing 2FA, written by my colleague Or Katz, is a great insight into how attackers used very simple techniques to bypass two-factor (2FA) authentication security to obtain access to U.K. consumers' bank accounts.
SolarWinds Hack and the Case of DNS Security
It's not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it's the reason I didn't have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after malicious code was inserted into a software patch that was downloaded by the companies and agencies. The installation of