Akamai Technologies growing its market share especially in the security business

India has been a very strategic country, especially with cybersecurity. The reason is not only the size and importance of the revenue that India generates, but also the fact that India has been leading the way in terms of transforming their economy to an API economy. Compared to a lot of countries, the API economy is faster than any other country which has exposed India to a lot of the cybersecurity problems that we face. Because of the inherent security challenge that comes with the API, the focus is to use the API because of regulations and ease of use and integration between businesses. In a chat with VARINDIA, Dean Houari, Director of Security Technology and Strategy, Akamai Technologies throws light on current security trends in the country, solutions to protect the infrastructure, threats faced by the BFSI sector etc.

Solutions to protect the infrastructure  
There are two types of security, one is external, another is internal, which is new under the umbrella of zero-trust security model. The external parameter is a traditional way of securing, putting firewalls and WAF, web application firewalls at the edge of the environment. The difference between Akamai and the other vendors is that its edge is actually in a cloud. Akamai tries to position its web and API security on its distributed edge compute around the world.

As Dean explains, “In India, we have a large presence. So now we have to redirect security from far away, which can protect them from faults. Obviously, most of the attacks which we find attacking the API's are going to come from the internet, because API's are exposed. They have to be exposed as this is the way we integrate with other vendors, and with other businesses. The attackers focus fully on discovering these API's and attack them if there is a loophole or vulnerability.”

On talking about the vulnerabilities Dean says, “The era of people trying to breach the parameters is gone, people will try to steal some credentials that are easily available on the dark web or they can basically Phishing. Phishing is such a rampant problem. That can be fully automated using bots. The large malicious bot activity in India is seen as huge as encrypted. A zero day vulnerability is a bug that doesn't have a fixed sort of security patch by anyone. Akamai has been positioning a lot of its zero trust portfolio to cover these areas. Akamai is protecting against Phishing. The other one is to stop customers using VPN because the VPN is insecure. The third one is doing this web firewall to protect against malware download. Then finally, across the world we need to stop ransomware attacks, or data breaches or data theft.”

The top cybersecurity threats faced by the BFSI sector

API security and ransomware are two critical threats for the BFSI sector. This is because banks basically are forced to use APIs by the government as per a regulation. APIs are open to promote integration between the banks and the central agency, as well as banks with third parties.

“As it is open, anybody can talk to anyone. That is what the attackers take advantage of, because they put malware anywhere, or they can weaponize it. API security is really critical. Not to mention authentication, APIs don't have authentication. Anybody that has access to an API will be able to perhaps bypass authentication of an organization. We have worked with these customers and advised them how to set a strategy around API security. We want to make sure even if they get in, they will not be able to reach an environment or cause any damage,” points out Dean.

Plans to address the newer challenges

Along with the newer challenges, Akamai wants to grow market share, and especially in the security business. Dean comments, “After the pandemic, if you don't invest in cybersecurity, that actually hurts your business and we see that every day. People have realized that ignoring security or under investing eventually will hurt their business, and could actually put you out of business. India is one of the biggest gaming countries in the world. Gaming has its own challenges; obviously, companies want to make it as friendly and as accessible to players. But at the same time, if you don't have security, attackers can use them to steal identity. Along with the gaming industry, the big banks, the big ecommerce are the focus of the attackers.”

At Last

In his concluding words Dean says, “Right now, we are still facing a challenge of people really grasping the seriousness of investing in the proper right solution, because it's not just like spending money on cyber security, you have the right security strategy in place. This is why you keep seeing attacks in the news because you think you are secure, you buy these firewalls, but in fact they can be easily bypassed and so forth. All these concepts around zero trust, to stop phishing, to stop malicious credential stuffing, and lateral movement are going to be critical, more than ever. Hopefully, the government will set some standards to regulate the minimum amount of security that you can have to be in the metaverse. We also would try to have our influence with the government to set those guidelines.”