Fighting ransomware relentlessly

Frustration over congestion problems in the Internet infrastructure and the high latency caused by slow browsing has led to the WWW (World Wide Web) being dubbed the World Wide Wait or Great World Wait, in Spanish.

We have been addressing the challenges of this “Great World Wait” for decades and have been able to take advantage of the scalability of our network at the Internet edge, its proximity to users and our expert operations personnel to mitigate the security threats our customers face. Today, we have made great strides thanks to solutions in different categories, such as DDoS protection, web application and API protection, bot management and Zero Trust network access. Given the incredible wave of ransomware attacks, we have chosen to incorporate Zero Trust segmentation through Akamai’s acquisition of Guardicore.

It was important for us to be able to offer an advanced segmentation solution to go even further into the Zero Trust space and have a clear picture of the main infrastructure configurations and the ability to apply dynamic policy control.

A Lemongrass survey found that IT leaders wanted to migrate systems to protect data, maintain data access, save money, optimize storage resources, and accelerate digital transformation. 59% of IT leaders indicated that security and compliance were the top challenges companies face when moving outdated systems to the cloud.

Regardless of how aggressively a company tries to modernize its infrastructure and adopt cloud technology, IT teams will be forced to manage a significant volume and variety of operating systems in the coming years. Protecting outdated infrastructure and IT is one of the biggest challenges CISOs face. As companies transform and digitally adopt the cloud, IoT, and DevOps, aging servers, which are the backbone of a business, are being overlooked and pose a significant risk.

The implementation of Zero Trust segmentation projects is very complex. Implementing effective segmentation begins with asset allocation and ends with policy enforcement. Some of the older hardware-based approaches include:

  • Creation of IP-based firewall rules or access control lists (ACLs), in which it is necessary to define whether to accept or reject the traffic of a network connection. Typically, tens of thousands of rules are required just to establish basic communications between systems.
  • Creation of VLANs, which define a logical grouping of devices based on business logic (departments, applications or similar). Hardware lacks information about workloads, making it difficult to go from basic access control to implementing a real workflow security policy.

The problem is that these approaches are not aligned. Both are not only very complex to administer but also isolated. There is no visibility into all these policies, and it is therefore difficult to manage them in a uniform way. This means that security teams have to manually monitor the behavior of applications and also try to coordinate controls. Multiply this by the number of servers, operating systems, cloud instances, and applications they manage, and the problem becomes operationally overwhelming. We address both challenges through independent but aligned processes.

Visibility and data analysis to suggest labels and policies (what we call AI tagging) make use of advanced machine learning techniques that simplify the asset allocation phase. In effect, it acts as an assistant to the administrator, guiding them through a difficult process using smart suggestions. Policy suggestions can improve your application by automatically suggesting the most useful policies from discovered workflows and dangerous or unnecessary traffic patterns.

This technology also provides more consistent coverage by allowing cloud controls to be used on more agent-based operating systems (outdated systems and systems without firewalls). Some segmentation vendors end their support for operating systems when the operating system vendor ends theirs. This leaves large gaps in the ability to cover the expanded infrastructure of a company’s data center and exposes it to significant risks. Remember the WannaCry ransomware attacks? Outdated systems were one of the main reasons companies were affected by ransomware.

The ultimate goal is to be able to offer a quick and easy solution to reduce risks for the company, with a unique and highly intuitive user interface that provides real-time and historical data on workloads and flows.

Security is part of the DNA of our companies. Our team understands the importance of threat detection and threat intelligence as integral components of a security solution. By having an open source breach and attack simulation (BAS) platform, we can help companies validate existing controls and identify how attackers could exploit network security gaps. Thanks to it, constant tests are carried out and continuous data is obtained to make security decisions based on real data and not on speculation.

We are confident that thanks to the focus and dedication of our teams, the same will happen with our Zero Trust segmentation solution: companies that want to stop the spread of ransomware can come to us.

Signed: Francisco Arnau, head of Akamai in Iberia, and Domingo Telléz, vice president of Guardicore for Iberia and LATAM.
