In The News

The latest articles, blog posts and newscasts mentioning Akamai


  • 5Gradar
    April 1, 2020

    Luca Collacciani, Senior Director of Web and Security, EMEA Akamai Technologies, reveals the role of edge computing in the 5G era. The rise of 5G, which is being increasingly welcomed across the globe, is a natural evolution of the process implemented before with 4G and 3G. Yet the impact it will have in expanding our business and social operating powers is set to be extraordinary.

    Byline article by Akamai Senior Director of EMEA Web & Security Luca Collacciani.


  • Digital Transactions
    April 1, 2020

    Just how attractive to criminals are the networking connections between payments and financial-services companies, on the one hand, and third parties, on the other? Extremely.

    Criminals want to access data held by financial-services companies because that’s where the money is. But this data also includes personal information associated with a victim’s financial account, says Steve Ragan, an Akamai security researcher. “Information has value, and can be sold or traded,” Ragan says.

    “When criminals are targeting APIs, they’re attempting to bypass defenses and target as many accounts as possible,” Ragan says. “[Multifactor authentication] makes things harder for the criminals, not impossible, but certainly harder.”

    Online criminals follow patterns similar to those they observe in the physical world. The time needed to commit the crime, for example, should not outweigh the perceived return on investment.


  • Retail Experience
    April 1, 2020

    In the U.S. alone, total e-commerce sales for 2019 were estimated at $601.7 billion, an increase of 14.9 percent from 2018. This number certainly implies that retailers know what they're doing when it comes to online sales.

    But in our current climate, with online shopping going through the roof, how can retailers do even better to attract new customers and how can they keep their current customers coming back for more?

    Loyalty programs can help online retailers improve customer retention, increase cross-sell and upsell opportunities, and expand margins and revenues. But poor user experiences can impair customer satisfaction and hamper loyalty programs. Today's consumers expect fast, friction-free and secure interactions from any device. To unleash the full potential of the company's loyalty program, retailers need to accelerate website and mobile app performance, streamline digital engagements, and safeguard sensitive data.

    Byline article by Akamai Senior Industry Marketing Manager Tara Bartley.


  • ZDNet Korea
    March 31, 2020

    Akamai announced on the 31st that it is conducting a 'business continuity program' to support the remote working environment.

    Akamai's business continuity support program provides Akamai's remote access control solution, 'Enterprise Application Access (EAA)', for free for 60 days from the trial application date.

    Many companies are encouraging telecommuting to prevent the spread of Corona19. Changes in the way employees access enterprise applications are taking place in all areas of the business, from manufacturing employees who need access to key business applications at home, to airline call center agents who need to be quickly relocated to handle increasing call volumes.

    As a result, Akamai is committed to helping companies manage a sudden increase in remote users and support employees with a seamless remote working environment. Customers deploy EAA quickly to support employees, maintain productivity, and actively collaborate to help businesses create lasting value.


  • TechTarget Search Security
    March 31, 2020

    Cloud service provider Akamai Technologies, based in Cambridge, Mass., began exploring zero trust after suffering a data breach in the 2009 .

    "There wasn't really a roadmap to follow," CSO Andy Ellis said. "We just said, 'We need to figure out how we can better protect our corporate network and our users.'"

    Akamai initially aimed to restrict lateral movement within the enterprise network using , a common zero-trust goal. That presented a challenge, however, since lateral movement often happened between applications that had permission to talk to each other.

    "It's really difficult to microsegment things when your backup server can talk to everything," Ellis said. "That's where you get compromised."


  • Cyber Defense Magazine
    March 30, 2020

    Despite the myriad awareness programs and processes available, phishing attacks continue to proliferate across all industry sectors. “When we talk about phishing, we talk a lot about the technical stuff,” says Or Katz, head of research enterprise at Akamai Technologies365体育平台. “But at the end of the day, someone pressed on a link, or downloaded a file, or did something that they were not supposed to do. So, that’s the human factor, and as much technology as we’ll have [in place], the human factor will remain.” That may sound dire, but Katz assures us, there is light at the end of the tunnel, with improved processes (i.e., incentivized programs for cyber training) for security education. “It’s all a matter of awareness, and making sure people [are empowered to] make the right decision. It’s going to get better if we do the right things.”


  • DevOps.com
    March 27, 2020

    Akamai today extended its DevOps strategy to provide with continuous integration/continuous (CI/CD) platforms and IT automation tools such as Terraform from HashiCorp.

    In addition, Akamai is adding support for serverless computing functions to Akamai EdgeWorkers, a JavaScript-based framework through which application logic can be executed on the edge of the Akamai content delivery network (CDN) now as a microservice.

    365体育平台 Greg Griffiths, product marketing manager for DevOps solutions at Akamai, said the latest additions will make it easier for DevOps teams to view the Akamai CDN as a natural extension for deploying applications. Akamai . The goal is to make possible for DevOps teams to spin up new properties and make configuration changes from within the context of their CI/CD workflows, he said.


  • Data Center Frontier
    March 25, 2020

    The leading Internet content delivery network has stepped up its efforts to keep data networks running smoothly during the COVID-19 pandemic. Akamai Technologies said Tuesday that it is reducing the network resources used for gaming downloads during peak business hours, prioritizing bandwidth for healthcare workers, first responders and other business customers.

    “The Internet is being used at a scale that the world has never experienced,” wrote Tom Leighton, the CEO and co-founder of Akamai, in a . “This increased usage is causing concern about whether the Internet will be able to continue handling the ever-increasing amounts of traffic. As a result, some major regulators, carriers, and content providers are taking steps to reduce load during peak traffic times in an effort to avert online gridlock.”


  • CDSA Daily
    March 25, 2020

    Akamai March 25 announced it has added additional watermarking partners to its content protection ecosystem, offering yet another level of service protection against piracy threats that cost the media and entertainment industry an estimated $29 billion a year.

    Access Revocation addresses numerous attack vectors, including credential theft, system hacking, and VPN abuse, and the addition of more third third-party watermarking partners will give Akamai customers more options to tackle the rebroadcasting of stolen streams, according to Alex Balford, Akamai’s senior product marketing manager for media and entertainment.

    “We started off simple authentication, added encryption at the edge, which we can do on a session level, instead of an asset or user level,,” he said. “We decided to double down and work with watermarking vendors. So for content that is 4K or early release or on the premium end of the spectrum, a lot of the rights owners require watermarking. We’ve found a really effective — and commonly asked-for — solution.”


  • Tech Crunch
    March 24, 2020

    explained a few things it is doing to help mitigate the tidal wave of traffic that the internet’s infrastructure is experiencing. Although streaming video is of course a major contributor, games are a huge, if more intermittent, burden on the network.

    365体育平台 Akamai is “working with leading distributors of software, particularly for the gaming industry, including and , to help manage congestion during peak usage periods. This is very important for gaming software downloads, which account for large amounts of internet traffic when an update is released,” the post reads.


  • Security Boulevard
    March 24, 2020

    Akamai this week announced it has added a secure web gateway capability to its portfolio of managed security services, while at the same time extending the reach of its service for mitigating the impact of a distributed denial of service (DDoS) attack to public clouds.
    Akamai is also extending the reach of its service for scrubbing IT environments to help mitigate distributed denial of service (DDoS) attacks to public clouds.

    365体育平台 Renny Shen, director of product marketing for Intelligent Edge Platform at Akamai, said now that cloud service providers have been enabling end customers to “bring your own IP” capabilities to their clouds, it now makes sense to extend the Prolexic Routed purpose-built DDoS scrubbing service to public clouds.


  • TechRepublic
    March 24, 2020

    Cybersecurity company Akamai has responded to consumer demand and announced on Tuesday that it was adding new tools to its Enterprise Threat Protector service that allowed customers to send all web traffic to a proxy.

    Jim Black, product marketing manager for Akamai, explained in a blog post that the new secure web gateway capability would add a new level of security and visibility to the company's security offering while providing something that has historically been difficult to do.

    "In a nutshell, customers that need the highest level of security can now simply send all of their web traffic to Enterprise Threat Protector by using a lightweight client installed on endpoints or by forwarding traffic from an existing proxy," Black wrote.


  • CyberScoop (video)
    March 23, 2020

    Akamai’s Director of Security Technology & Strategy Tony Lauro talks with CyberScoop Editor-in-Chief Greg Otto about hackers’ attempts to crack open customer loyalty programs and what enterprises can do to stop it. “A lot of it’s about the build process,” Lauro told Otto at the 2020 RSA Conference.

    Akamai’s 2019 State of the Internet/Security report titled Media under assault provided a sobering assessment of the threats to broadcasters. Jaspal Jandu, group CISO at Akamai, noted that with today’s shift to IPTV and over-the-top (OTT) streaming, “the risks are both dramatically increased and more complex to manage”.

    365体育平台 “The application, the logic flow, of what the request looks like for the loyalty program, and what your responses are going to be, and what kind of data [the programs are] going to give up.”


  • IBC365
    March 20, 2020

    As the broadcast industry moves towards IP for both production and broadcast, Anne Morris investigates some of the security challenges involved in making the shift.

    Akamai’s 2019 State of the Internet/Security report titled Media under assault provided a sobering assessment of the threats to broadcasters. Jaspal Jandu, group CISO at Akamai, noted that with today’s shift to IPTV and over-the-top (OTT) streaming, “the risks are both dramatically increased and more complex to manage”.

    Internet-based attacks such as Distributed Denial of Service (DDoS) have been a threat in other industries for years, but are now bringing a new level of risk for broadcasters. As Jandu said, “the new world of live IP TV, where much of the world’s media is consumed, means that any attack on availability could result in subscriber retention issues, hit ad revenue, and reduce the chances of future successful bids for rights. There aren’t second chances on live TV.”


  • The Economist
    March 19, 2020

    365体育平台 The bigger worry during a period of widespread home-working is cybercrime. The National Cyber Security Centre, an arm of gchq, warned that criminals are taking advantage of fear over coronavirus to target internet users with “phishing” attacks. Unusual emails have become normal in many workplaces over the past weeks, and people have their guard down. There have also been other types of cyber-attacks, including malware and extortion. “Whenever there is some type of crisis, almost inevitably you see a spike in attacks,” says Patrick Sullivan, who runs security strategy for Akamai, another internet-infrastructure provider. Workers who use corporate machines and must log into the vpns are less vulnerable than those using personal machines and sharing home networks. But they are not immune, any more than they are from the virus itself.


  • M&E Journal
    March 18, 2020

    With the continued spread of the coronavirus, members of the Media & Entertainment Services Alliance (MESA) have responded with free offerings of their top products, moves to facilitate remote working for both their customers and employees, and offered business continuity plans to help weather the COVID-19 storm.

    Akamai, meanwhile — which has seen web traffic double during the spread of COVID-19 — offering a Business Continuity Assistance Program that includes complimentary 60-day usage of its Enterprise Application Access solution. The edge-based, cloud-based service serves as an alternative to legacy access solutions, and is designed to be deployed quickly and scale for remote workers.

    “Many organizations are experiencing a significant challenge, facing a sudden increase in remote users, because traditional remote access solutions were largely scoped with the expectation of only a limited number of people, across a global workforce, working off-site at any one time,” Akamai . “This is in sharp contrast to today’s reality, which for many companies requires being prepared to immediately enable large employee populations to work remotely and effectively.”


  • NPR
    March 17, 2020

    More people are shifting to the digital world as life outside the home is put on hold. That's putting a lot of pressure on companies to keep connections up when all their employees are trying to telework at the same time. It's also posing challenges for Internet video conferencing services.

    Many parents are being forced to work from home as close for weeks.
    It all adds up to a big test for companies of whether their systems can handle such an abrupt shift.

    365体育平台 "There is some level of scrambling there for people that maybe didn't build in a plan for the level of remote work that we're seeing," said Patrick Sullivan, chief technology officer for security at Akamai, which delivers Web content.


  • Associated Press
    March 14, 2020

    The U.S. internet won’t get overloaded by spikes in traffic from the millions of Americans now working from home to discourage the spread of the new coronavirus, experts say. But connections could stumble for many if too many family members try to videoconference at the same time.

    The sudden, unanticipated surge in millions of remote workers has forced companies to scramble to boost their capacity for secure connections through virtual private networks, said Patrick Sullivan, chief technical officer for security at Akamai, a major IT provider for business and government.

    The surge is creating some temporary bottlenecks. But because so much of computing has moved to cloud services, the shift doesn’t pose much of an on-site burden for companies, said Sullivan, with bottlenecks typically cleared in minutes or hours.


  • MarketWatch
    March 5, 2020

    Akamai and Splunk are similar to VMWare in that they are expanding from their core products to compete in cybersecurity. You can think of the pivot to security as being in the right place at the right time.

    For instance, Akamai is traditionally a content-delivery network and website-acceleration company. With this level of access to the edge, where most security hacks occur, Akamai has found itself in a serendipitous position to offer competitive security products, such as protection from distributed denial of service (DDoS) and website-application security.

    Products aside, one of the main value propositions Akamai offers is to simply reduce vendor bloat, as the company consolidates content delivery network (CDN) needs with the adjoining website security.


  • iGaming Business
    March 5, 2020

    Cloud technology has become part of everyday life for many of us. Whether it’s to store our own data, or as part of video streaming, banking or e-mail solutions, we interact with the cloud in many ways.

    While exciting on a global scale, cloud technologies pose many significant challenges for the gambling industry.

    365体育平台 In a recent white paper from Akamai, titled “Gambling and the cloud: Securing the future”, the cloud security solutions provider discusses how the industry can best approach the technology, and what the benefits may be.


  • The Daily Swig
    March 5, 2020

    Last year’s from Akamai detailed how 12 billion credential stuffing attacks targeted gamers across a 17-month period.

    While many of these vulnerabilities are in scope for most gaming bug bounty programs, including the one recently launched by Microsoft Xbox, users are still at risk from social engineering tactics such as campaigns.

    “There’s one aspect of the Microsoft bug bounty program that talks about information disclosure and security feature bypasses,” Steve Ragan, security researcher at Akamai, told The Daily Swig.

    “This is going to be critical because a lot of times if they [criminals] need to take over an account or target a player, then they have to bypass some of the stuff on the platform.”

    365体育平台 Ragan added: “But the other major attack surface for gamers is the social element, and this bug bounty is not going to be able to address that because it’s out of scope.”


  • SearchSecurity
    March 4, 2020

    Should ransomware payments be insurable?

    That question was asked by an audience member during a session at RSA Conference last week that focused on ransomware. In the session, titled "Feds Fighting Ransomware: How the FBI Investigates and How You Can Help," FBI supervisory special agent Joel DeCapua discussed how federal law enforcement .

    SearchSecurity asked a number of individuals at the same question: should ransomware payments be insurable? Here's what those interviewed had to say.

    Akamai CTO Patrick Sullivan: "Obviously it's feeding the economics of the attack when other people pay that. But I think insurance is a mature market, so I think as these insurers start paying out, the next thing that's going to happen is they're going to go build actuarial tables and figure which characteristics of organizations lead to a higher proclivity for a payout and they're going to feed that back into premiums. So, if you're doing the right things, you're covered and your premiums are lower. If you're not doing the right things, maybe you can't get covered or maybe you need the equivalent of a Lloyd's of London policy. Maybe they're going to be the lever that applies an economic influence to force better behavior."


  • Cybersecurity News
    March 3, 2020

    Federico Dios, Pre-Sales Manager & Security Evangelist, Akamai. If you are a cybersecurity professional, rest assured that there has never been a time when your skills have been more in demand than now. As companies are increasingly aware of the threats that exist and the implications of what might happen if they occur , the responsibility of having a frontline team is becoming increasingly important. While things are easy for those who try to find a position, they are complicated for those who want to hire good professionals, since demand currently exceeds supply in the labor market.

    Byline article by Akamai Senior Solutions Engineering Manager Federico Dio.


  • SD Times
    February 6, 2020

    The security of edge devices presents both a major challenge and an opportunity for building more modern edge security practices. Edge devices exist outside of the protections that IT data centers provide, according to Patrick Sullivan, the global director of security at Akamai.

    One of the most prominent concerns is the physical security of the devices, which are more vulnerable to malicious attacks and mishaps of all kinds than typical office equipment and technology safely held within corporate walls.

    However, because edge computing distributes processing, storage, and applications across a wide range of devices and data centers, it’s difficult for any single disruption to take down the network.

    “This is a very impactful architecture for people as they’re building modern security,” said Sullivan. “So that edge model allows you to kind of have a homogeneous level of visibility and protection regardless of where that computing is. If it’s across a couple of cloud providers and a couple of colocation or data centers, that edge architecture allows you to accommodate all of that compute form factor and it gives you tremendous architectural flexibility.”


  • CNET
    February 2, 2020

    is sure to be a popular way for and other fans who don't pay for cable or satellite TV service to experience the . But there's a catch. No matter which livestreaming app you choose to watch the Super Bowl, from the Fox Sports app to the NFL app to a live TV streaming service like or , you won't exactly be watching live. Instead, the stream will be delayed by up to a minute.

    Current streaming technology delivers the video not in real time but in chunks of files, each typically four to six seconds in length, which are then assembled in the buffer memory of the device, such as a or . “You can expect typical live streams to be between 20 and 30 seconds behind linear delivery methods,” said Peter Chave, principal media architect at Akamai, a company that delivers content over the internet.


  • CNBC (video)
    February 12, 2020

    Akamai CEO Tom Leighton joins “Squawk Alley” to discuss the company’s earnings and data security push.


  • Dark Reading
    February 10, 2020

    Back to the grind — time to review what needs to get done today. As a botnet, I have a very interesting job in some ways, but in others, it feels like the movie Groundhog Day. I originally was built by a criminal organization to conduct distributed denial-of-service (DDoS) attacks and then demand "protection" money to make sure it didn't happen again. Not a very innovative business model, but why fix what isn't broken?!

    I'm fortunate in that my owners have kept my code on the cutting edge, so I can be used for newer attacks like credential stuffing, brute-force password cracking, cryptomining, and even as a ticket bot to scoop up the best seats for resale. Some of my friends work as aggregators, spam bots, web scrapers, or search engines, and while we all do similar functions, I'm doing the truly exciting stuff.

    Over time, both the systems I'm made of and the types of criminal business models I'm used for have changed. Today, some of my network of hacked computers are part of the Internet of Things, such as home video surveillance cameras. As long as they have good computing power and connectivity, I'm an equal opportunity employer.

    Byline article by Akamai Senior Director Security Technology and Strategy Steve Winterfeld.


  • NECN (video)
    February 7, 2020

    365体育平台 Patrick Sullivan, CTO Security Strategy for Akamai, talks with us about the Iowa caucuses App disaster and lessons to be learned beyond elections.


  • IBC 365
    February 14, 2020

    The DPP has unveiled the first average score for participants in its Committed to Sustainability programme, which was launched last November to promote environmentally sustainable practices.

    Akamai Technologies is among the latest companies to be awarded the DPP Committed to Sustainability mark.

    Akamai director of sustainability Mike Mattera said: “We’re delighted to be a part of the DPP Committed to Sustainability programme.

    “Here at Akamai, environmental sustainability speaks to our core values as an organisation. And being able to demonstrate our dedication to reducing our impact publicly is important to us and our customers.”


  • CSO Online
    February 19, 2020

    New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. This trend is even more pronounced in the financial services industry where the use of APIs is widespread and in part fueled by regulatory requirements.

    According to a report released today, between December 2017 and November 2019, Akamai observed 85.4 billion credential abuse attacks against companies worldwide that use its services. Of those attacks, around 16.5 billion, or nearly 20%, targeted hostnames that were clearly identified as API endpoints. However, in the financial industry, the percentage of attacks that targeted APIs rose sharply between May and September 2019, at times reaching 75%.


  • Boston Globe
    February 20, 2020

    Akamai Technologies will be among the biggest local companies at RSA next week. It was initially known as an online media-delivery business, but cybersecurity is now a major part of Akamai’s portfolio. (Nearly one-third of the Cambridge company’s $2.9 billion in revenue last year came from cloud security.) Akamai’s chief security officer, Andy Ellis, will give a keynote address at the RSA Conference that reflects on how the fundamental problems the industry faces haven’t changed all that much over the years.

    Ellis sees Greater Boston as one of the world’s top cybersecurity hubs, probably only behind Silicon Valley and Tel Aviv. The Massachusetts Institute of Technology drives much of the sector’s success here. But Ellis said many other local institutions play key roles, as well: Northeastern, WPI, and Wentworth, to name just a few.


  • Security Guy TV
    February 17, 2020

    Tony Lauro on Security Guy TV, a weekly live radio/TV show about all things security with host Chuck Harold where they discussed software development and fixing appsec flaws before they are created.


  • FedScoop
    February 19, 2020

    365体育平台 San Martin spoke with FedScoop at the Duo Zero Trust Security Summit.


  • Forbes
    February 22, 2020

    It should come as no surprise that banks and other financial service providers are a favorite target of hackers. The volume of attacks they face, however, is truly shocking.

    A new report (PDF link) from Akamai Technologies revealed some staggering figures about one kind of attack: fraudulent logins. Over a two-year period ending in November of last year, Akamai tracked more than 85.4 billion malicious login attempts.

    On August 7th of last year, however, a single financial service business was faced with a full-on assault. Akamai reported over 55 million malicious login attempts during the attack.

    You read that correctly: one victim, one day, more than twice the number of fraudulent login attempts Akamai logged on an average day for every entity it monitored for such attacks.


  • Exchange4media
    February 26, 2020

    Paul Jackson from Media Industry Strategy Team, Akamai EMEA and Industry Evangelist spoke to exchange4media on the factors that are driving the growth of gaming industry in India, spending capability trends, the popularity of PUBG, and categories of games that are most likely to succeed in 2020.

    Speaking about the factors that are driving the growth of the gaming industry in India, Jackson said, “There are more and younger consumers who are typically drawn towards gaming. Earlier an individual had to buy a gaming PC or a gaming console. Now, with a decent smartphone, you can play good online games. The mobile handsets have decreased the barriers for online game players and are the driving force of the online gaming industry. The availability and accessibility to these devices have taken the gaming industry by storm and also making the gaming industry change their business model -- from making a player buy an expensive game for $60 to ‘here's a free game, once you start playing, there may be some things you want to customize is an option for you to pay $1 or $2 to do those things’. So again, the barrier to entry has come so down.”


  • AdNews
    February 26, 2020

    In 2020, media companies will continue to redefine what it means to be a publishing brand. Traditional broadcast providers are evolving into software companies, with cloud delivery mechanisms such as Infrastructure as a Service supporting this transition. Major TV networks are set to launch stand-alone, direct-to-consumer streaming services in mid-2020. And virtually every news media brand is evolving beyond its core and pivoting to paid, through digital subscriptions and ad-supported content.

    The Australian Government’s response to the and the much publicized failings of trust across the social media landscape have played a big part in this shift. To support the growth of these new businesses in a more stringent regulatory environment, investment in the delivery of content and managing the risks of operating in the digital media supply chain is critical.

    In the world of digital ads, IP-based TV and over-the-top (OTT) streaming, attacks are more complex to manage, and the stakes are higher: loss of subscribers, revenue, eyeballs, brand reputation and trust. The potential for media companies to lose rights to broadcast major sporting events or face legal action on the basis of failing to adequately protect content, means security must be a top priority. Here are three types of threats media brands and publishers will need to respond to over the next 12 months.

    Byline article by Akamai Product Marketing Manager Sandeep Singh.


  • CNBC
    February 22, 2020

    Although it’s been more than 16 years since “The Return of the King,” the final film in the series, premiered, “The Lord of the Rings” fandom in Silicon Valley has continued to swell.

    In Silicon Valley, LOTR serves as a common ground, a shared passion that tech workers can reference to communicate with and relate to one another.

    Perhaps the most popular hobbit in the tech industry is Samwise Gamgee. Although Sam is a secondary character and his main purpose is to help fellow hobbit Frodo destroy the one ring, he delivers one of the most powerful lines of the series, said Andy Ellis, chief security officer at .

    “I can’t carry it for you, but I can carry you,” Sam tells Frodo before lifting him up and carrying him up Mount Doom.

    “To me that’s the true hero,” said Ellis, who can recite the inscription written on the one ring in Tengwar, a script in LOTR that was created by Tolkien. “We don’t celebrate the people who get up every day and do the work that needs to be done and support somebody else.”


  • Fast Company
    January 24, 2020

    Job hunting is stressful enough, but when the job you’re hoping for turns out to be a scam, the sense of embarrassment and loss compounds things. Not to mention costing you money. The employment scams resulted in a median loss of $1,200 per victim.

    Recruiters are particularly valuable to criminals, both as a target and as a resource for their access to open communication with corporations, as well as job seekers vying for their attention and willing to part with sensitive information because that’s how the process works.

    For employers, employment scams can create reputation and compliance problems, since criminals will leverage established brands for legitimacy. If someone in the hiring chain is compromised, .

    Two employment scams that target recruiters and job seekers are a mix of social engineering and phishing. The result is the same: The victim is left with compromised personal information and/or financial resources.

    Read Full Story

  • Dark Reading
    January 23, 2020

    "Web cache" refers to any technology that fronts an origin web server and temporarily stores frequently accessed content so that subsequent requests for the same content can be served efficiently. Be they centralized caching proxies deployed on-premises at an enterprise or content delivery networks (CDNs) with massively distributed caching edge servers, caches have become critical Internet infrastructure that enable scalable traffic delivery.

    Attacks targeting caches are nothing new. However, it wasn't until 2017 that web cache attacks saw a significant surge in popularity, with novel exploits regularly making the headlines. Works such as "", "", and "" demonstrate disastrous vulnerabilities that are easy for miscreants to exploit.

    In our own research with academics from the University of Trento and Northeastern University, we homed in on the aforementioned web cache deception attack, or WCD for short. WCD is a particularly damaging threat, where the adversary tricks a cache into storing the victim's sensitive data, therefore leaking it on the Internet. We analyzed 340 popular websites and found that 37 were affected by WCD, also finding that simple tweaks to existing attack techniques are sufficient to discover new exploitable targets. (We will present this work, titled ": Web Cache Deception in the Wild," at Usenix Security Symposium in August 2020.)

    Byline article by Akamai Security Architect Kaan Onarliogl.

    Read Full Story

  • Boston Business Journal
    January 21, 2020

    Dozens of Massachusetts companies were among top-scoring employers for LGBTQ-inclusive workplace policies in the most recent report by the .

    The 2020 Corporate Equality Index rated 1,059 companies in total. Employers and law firms based in Massachusetts seeing an average score of 95 percent.

    The top-scoring Massachusetts companies on the index include Akamai Technologies Inc. (Nasdaq: AKAM), (Nasdaq: BIIB), Dunkin’ Brands Group Inc. (Nasdaq: DNKN), Eaton Vance, Eastern Bank Corp., State Street Corp. (NYSE: STT), , and Inc. (Nasdaq: VRTX). All received a “100” rating.

    Read Full Story

  • TechRepublic
    January 21, 2020

    DevOps is about constant improvement, and many trends are maturing this year and becoming pervasive. In a field as fast moving as DevOps, it's valuable to find out what might lie ahead.

    TechRepublic turned to the experts to ask their opinions on the top 11 DevOps trends worth watching in 2020:

    1. A focus on end-to-end lifecycle management will streamline DevOps workflow complexity Sid Phadkar, senior product manager at Akamai, said, "With the emergence of and CI/CD toolchains, there has been an emphasis on developing and leveraging many different tools to tackle small tasks spread across similar parallel workflows. For example, two different teams within an organization often have their own consisting of many different tools catering to version control, build automation, monitoring analytics, early testing, code review processes, and more. While organizations have reaped the benefits of catering to customized workflows, this has also led to incredible tool sprawl within often dispersed teams that can hinder productivity. DevOps vendors are often tasked with ensuring compatibility with tools from other vendors. In 2020, the number of tools will continue to increase, but there will be a movement toward end-to-end lifecycle management and single applications that streamline tooling and workflows to ultimately improve software development speed and agility."

    Read Full Story

  • Intelligent CIO
    January 20, 2020

    Business leaders are seemingly doing more towards closing the skills gap as the growing demand for cyberskills and a more socially mobile and diverse workforce increases. BAE Systems and the National Cyber Security Centre (NCSC) hosted a CyberFirst event in Manchester and their work to close the gap can be read in more detail . Industry experts offer their opinions on the subject.

    Richard Meeus, Security Technology and Strategy Director, EMEA at Akamai: If you’re a cybersecurity professional, there’s never been a time where your skills have been more in demand. As companies are growing increasingly aware of the threats out there and the implications of what could happen if they get breached, the onus on having a top-notch team is getting higher on the agenda. While things are positive for those trying to find a role, the other side is less so with demand far outstripping supply.

    Read Full Story

  • InfoSecurity
    January 15, 2020

    California’s Consumer Privacy Act (CCPA) went into effect on January 1, 2020. California is the most recent jurisdiction to add privacy legislations, but it will not be the last. Industry experts offer their opinions on the subject.

    More than 40% of Americans live in a state that is considering privacy legislation and U.S. senators from California are proposing U.S. Federal Privacy legislation. Internationally, Brazil, China, Australia, India, Japan, and, of course, Europe (GDPR) all have or have proposed privacy legislation.

    It can be a full-time job keeping track of the many nuances of all these laws. As details about CCPA began to come into focus, I spoke with numerous security and privacy executives who found themselves wrestling with a bit of confusion. Some lawyers interpreted early drafts of CCPA to prohibit Loyalty Programs, though that appears to have been clarified in later drafts. While many of the privacy regulations are similar, there are nuances specific to local regulations. There are still some steps that can be taken to make it easier to comply with evolving regulations.

    Byline article by Akamai CTO, Security Strategy Patrick Sullivan.

    Read Full Story

  • Forbes
    January 14, 2020

    As we head into the new decade, cyberattacks will continue to grow in scale and volume. Cybersecurity is a fast-evolving industry, as hackers and security providers both continuously try to outsmart each other. Cybersecurity Ventures estimates that organizations will spend an estimated on cybersecurity from 2017 to 2021.

    More than 40% of Americans live in a state that is considering privacy legislation and U.S. senators from California are proposing U.S. Federal Privacy legislation. Internationally, Brazil, China, Australia, India, Japan, and, of course, Europe (GDPR) all have or have proposed privacy legislation.

    Let's look at some of the innovations and emerging technology trends that are likely to shape the cybersecurity industry in 2020.

    Phishing attacks beyond email. Phishing is the of data breaches in 2019. 2020 will see no abatement, as phishing attacks will become even more sophisticated and highly targeted than ever before. Email is no longer the only means of a phishing attack. Attackers might also send an SMS or launch targeted social engineering attacks via . New from Akamai (via Dark Reading) has uncovered that 60% of all phishing kits found on the dark web are active for 20 days or less, indicating that cybercriminals will continue to develop new evasion techniques to keep their kits undetected.

    Read Full Story

  • Total Retail
    January 14, 2020

    In March, we examined the impact of “rogue” mobile browsers that look like Chrome (but aren’t) on retailers’ digital performance, their user experiences, and their bottom lines. Now, new data looks at the performance of three Chromium-based browsers — Google Chrome, Samsung Internet, and the Miui Browser by Xiaomi — and how they stack up against one another in terms of user experience.

    But first, why is this information important for retailers? The fact is, each Chromium browser performs differently across four key criteria, all of which are critical to providing an optimized user experience that’s consistent across browsers and devices:

    • Total loading time: The time it takes for a web page to completely load.
    • The domcontentloaded (DCL) event: Determines whether a page is technically ready for interaction. For example, when core elements of a page have loaded, but images and scripts are still rendering.
    • Time to Interactive (TTI): Measures the moment at which the user can safely start interacting with the page. For instance, when the page has reached TTI, a user clicking on a “Watch Video” button will actually trigger a media player to fire up and play the desired video.
    • Longtasks: Aptly named, these are tasks that take a long time to load, and tie up a browser’s resources as they execute. For example, if a customer clicks on a link during a long task, the browser would finish the long task first and then react to the click.
    Byline article by Akamai Global Vice President of Product and Industry Marketing Ari Weil.

    Read Full Story

  • Security Boulevard
    January 3, 2020

    A report published by Akamai at the close of 2019 advises cybersecurity teams to expect to see many more weaponized cyber attacks in the New Year.

    Larry Cashdollar, an Akamai security researcher, said going into 2020 an overlap between criminal developers and nation-state actors is creating a steady stream of zero-day tools targeting specific organizations and individuals.

    As the entities that launch these attacks become increasingly more professional in how they operate, attacks stemming from credential abuse, phishing and exploitation of vulnerabilities in popular systems will only continue to grow in scale and size, Cashdollar said. In the last 17 months, Akamai has observed 55 billion credential stuffing attacks with no signs of slowing down.

    365体育平台 Overall, Akamai research identifies the U.S. as the top source for credential stuffing, followed by Russia. In terms of phishing attacks aimed at compromising credentials, thwarting these efforts is becoming more difficult because 60% of the phishing kits monitored by Akamai were active for only 20 days or less, according to the company.

    Read Full Story

  • Diginomica
    January 3, 2020

    Is the rush to compliance affecting a brand's view of trust? The CMO Council whitepaper, “ - Identifying opportunities to secure the trust in brand experiences,” noted that 57% of global marketing leaders said data security, privacy and accountability are the most critical demands of customers.

    A new term popped up in this paper: privacy-assured marketing. It comes from John Summers, VP and Chief Technology Officer at Akamai Technologies, and it means “fulfilling the contract of digital trust forged between customer and business.” Essentially, you must become a privacy-first organization, with privacy a key component of every interaction or engagement and every strategy.

    365体育平台 Summers: Brands need to make it explicit that they are a privacy-first organization, implementing the proper governance and distribution of data across brands, channels and touchpoints.

    Read Full Story

  • IBC365
    January 3, 2020

    ‘A war in which new fronts are opening up all the time’ might not be an original metaphor for the challenges facing content protection, but in reality, it’s hard to identify one that is more apt. Recent years have seen the number of potential threats confronting content creators – both from organised ‘for profit’ piracy and more casual, between-consumer sharing – growing in precisely the same period that the advertising market supporting many of them has become significantly more fragmented and uncertain.

    Amit Kasturia, senior product manager at Akamai, observes: “We do see that customers are a lot more concerned now about the ill-effects of piracy, be that in the form of loss of subscribers, revenue, eyeballs or reputation.”

    The possibility of service providers losing rights (for example, to major sporting events) or facing legal action on the basis that they have failed to adequately protect content is also shaping a landscape in which “content services are definitely looking to invest more resources into anti-piracy. You only need to look at how many organisations now have dedicated roles, such as content protection managers, to recognise that,” adds Kasturia.

    Read Full Story

  • Dark Reading
    January 2, 2020

    In the DevOps world, the biggest gains have been achieved through an "everything-as-code" approach that has made it so much easier to spin up and down reliable, repeatable infrastructure components.

    Sid Phadkar, a senior product manager at Akamai, agrees that many organizations are going to be building security policies directly within code to help deal with big compliance demands set upon them by regulations like GDPR.

    365体育平台 "There will be an uptick in DevOps tools that cater to automating more compliance-related tasks within infosec teams, thus incorporating security and compliance measures into everyday CI workflows," Phadkar says.

    Read Full Story

View Previous Stories