WEBVTT 1 00:00:00.300 --> 00:00:01.860 Michael Novinson: Hi, this is Michael Novinson with 2 00:00:01.860 --> 00:00:05.250 Information Security Media Group. I'm joined today by Tom 3 00:00:05.250 --> 00:00:09.600 Leighton. He is the co-founder and CEO, Akamai. We're going to 4 00:00:09.600 --> 00:00:13.440 be taking a look back at 2022 as well as to look ahead to what to 5 00:00:13.440 --> 00:00:16.710 expect in 2023. Good afternoon, Tom, how are you? 6 00:00:17.160 --> 00:00:18.420 Tom Leighton: I'm good. How are you? 7 00:00:18.420 --> 00:00:20.580 Michael Novinson: I am doing great. Thank you so much for 8 00:00:20.580 --> 00:00:21.300 taking the time. 9 00:00:21.780 --> 00:00:23.160 Tom Leighton: It's a pleasure to be here. 10 00:00:23.690 --> 00:00:26.690 Michael Novinson: Same here. Why don't you start by talking a 11 00:00:26.690 --> 00:00:29.630 little bit about some of your inorganic investments around 12 00:00:29.630 --> 00:00:33.020 cybersecurity? Notably, you bought micro segmentation from 13 00:00:33.050 --> 00:00:36.920 Guardicore as well as IoT security from Inverse. I want to 14 00:00:36.920 --> 00:00:38.840 get a sense, since it's been a number of months since these 15 00:00:38.840 --> 00:00:41.240 deals were made? What does it meant for your customer base? 16 00:00:41.240 --> 00:00:43.520 And what have you been able to do with these technologies, 17 00:00:43.670 --> 00:00:45.500 since those acquisitions were complete? 18 00:00:46.250 --> 00:00:50.030 Tom Leighton: I think the investment in Guardicore is very 19 00:00:50.030 --> 00:00:54.770 important and working out extremely well. I believe that 20 00:00:54.770 --> 00:00:59.090 micro segmentation is really the most important defense that an 21 00:00:59.090 --> 00:01:02.960 enterprise can have against malware, against ransomware, 22 00:01:03.170 --> 00:01:08.390 data exfiltration attacks. Today, you can pretty much buy 23 00:01:08.420 --> 00:01:13.100 everybody's security products, and malware still finds a way 24 00:01:13.100 --> 00:01:18.620 in. And the key is to identify it when it gets in, and to 25 00:01:18.620 --> 00:01:22.760 proactively block it from spreading. And that's how you 26 00:01:22.760 --> 00:01:26.390 prevent the real damage. You really get into trouble when 27 00:01:26.390 --> 00:01:29.030 that malware spreads and everything gets locked down with 28 00:01:29.030 --> 00:01:34.040 ransomware, or all your private data gets compromised and 29 00:01:34.070 --> 00:01:42.170 revealed. And with Guardicore, you have a software agent on 30 00:01:42.200 --> 00:01:45.740 every application, that's watching what's going on, 31 00:01:45.740 --> 00:01:50.750 managing the communications for that application, so that when 32 00:01:50.750 --> 00:01:55.550 malware does get in, it can be isolated and quarantined, and 33 00:01:55.550 --> 00:01:59.870 then the security team can go in and get it cleaned up before 34 00:01:59.900 --> 00:02:04.970 damage is caused. Also, with Guardicore, it gives you great 35 00:02:05.000 --> 00:02:08.570 visibility into what's going on inside of your enterprise. 36 00:02:08.810 --> 00:02:13.580 Because that agent is monitoring things. And a great example of 37 00:02:13.580 --> 00:02:18.890 this is Log4j gets released - the vulnerability there, or, 38 00:02:18.920 --> 00:02:24.110 more recently open SSL vulnerability. And it can take 39 00:02:24.110 --> 00:02:28.550 an enterprise weeks, or sometimes months, to find all 40 00:02:28.550 --> 00:02:33.770 the vulnerable instances that they have in the enterprise. And 41 00:02:33.800 --> 00:02:36.920 the really nice thing about Guardicore, our customers that 42 00:02:36.920 --> 00:02:41.300 had that, within hours, we can tell them everywhere they have 43 00:02:41.300 --> 00:02:44.660 the vulnerability, so they can clean it up. Just by having the 44 00:02:44.660 --> 00:02:47.510 agent do a query to the application and depending on the 45 00:02:47.510 --> 00:02:51.710 response of the application, we know if the vulnerability exists 46 00:02:51.740 --> 00:02:56.900 in that application. So you get great visibility and protection. 47 00:02:57.950 --> 00:03:01.580 Historically, I think micro segmentation had a really bad 48 00:03:02.300 --> 00:03:07.460 reputation. And that's because it was done in a way that wasn't 49 00:03:07.460 --> 00:03:10.340 very practical. It was done in hardware, you'd physically 50 00:03:10.340 --> 00:03:14.450 segment your networks and put firewalls in between, and that 51 00:03:14.450 --> 00:03:18.290 wasn't very flexible. And so you ended up those companies that 52 00:03:18.290 --> 00:03:22.580 did it, most in, but those that did, made very big segments, 53 00:03:22.610 --> 00:03:26.300 because you couldn't make microsegments, it just would be 54 00:03:26.300 --> 00:03:30.020 totally impractical. And that defeated the purpose because the 55 00:03:30.020 --> 00:03:32.870 malware gets into a really big segment, and you still cause 56 00:03:32.870 --> 00:03:35.300 really big damage. And Guardicore, of course, changed 57 00:03:35.300 --> 00:03:39.650 that by doing it in software. They built their own firewall 58 00:03:39.650 --> 00:03:42.380 capabilities to put in the age and it works with legacy 59 00:03:42.380 --> 00:03:45.050 operating systems - totally changed the game. And now 60 00:03:45.050 --> 00:03:47.930 they've been recognized as the market leader by the analyst 61 00:03:47.930 --> 00:03:51.830 firms. And also the same firms are now recognizing that 62 00:03:52.460 --> 00:03:56.630 microsegmentation really is important. And you got to do it. 63 00:03:56.960 --> 00:03:59.780 And you're starting to see those requirements come into play. So 64 00:03:59.780 --> 00:04:03.530 we've been very happy with the Guardicore acquisition. We're 65 00:04:03.530 --> 00:04:06.770 investing heavily around that. You mentioned Inverse, that was 66 00:04:06.770 --> 00:04:10.400 a much smaller acquisition, but that gives us intelligence about 67 00:04:10.580 --> 00:04:13.280 the various kinds of devices that are inside the enterprise, 68 00:04:13.550 --> 00:04:17.450 so that we, in an automated way, have a much better idea of what 69 00:04:17.450 --> 00:04:20.780 is doing the talking and what should be able to talk to what 70 00:04:20.810 --> 00:04:24.020 inside the enterprise and is it abnormal, what we're seeing 71 00:04:24.020 --> 00:04:24.680 happen there. 72 00:04:25.890 --> 00:04:28.080 Michael Novinson: In terms of the Guardicore piece, how does 73 00:04:28.080 --> 00:04:30.540 that fit into what you've done historically, around security 74 00:04:30.540 --> 00:04:33.540 around application and API security as well as DDoS 75 00:04:33.540 --> 00:04:36.390 prevention? How does that align with microsegmentation? 76 00:04:36.750 --> 00:04:39.030 Tom Leighton: Yeah, it's different than DDoS prevention. 77 00:04:39.300 --> 00:04:43.290 Historically, Akamai with our app and API protection, where 78 00:04:43.290 --> 00:04:47.460 we're the market leader by a good margin, that's protecting 79 00:04:47.490 --> 00:04:52.470 more public facing apps and APIs, Guardicore and DDoS 80 00:04:52.470 --> 00:04:55.440 prevention, same kind of thing. It's preventing something that's 81 00:04:55.440 --> 00:04:59.610 accessible to the public from being taken offline. With 82 00:04:59.610 --> 00:05:03.720 Guardicore, that's our flagship entry in terms of enterprise 83 00:05:03.720 --> 00:05:07.680 security or zero trust, which is more about protecting the 84 00:05:07.680 --> 00:05:13.080 internal applications and data, from various kinds of attacks. 85 00:05:13.290 --> 00:05:16.800 And around Guardicore, we have capabilities for zero trust 86 00:05:16.800 --> 00:05:20.340 network access, for secure internet access, which are 87 00:05:20.460 --> 00:05:24.390 geared towards protecting enterprises, their data and 88 00:05:24.390 --> 00:05:27.540 their employees, which is a little bit different than 89 00:05:27.540 --> 00:05:31.920 protecting the public-facing apps and APIs. Now, over time, I 90 00:05:31.920 --> 00:05:36.210 think you'll see those areas come closer together. You're 91 00:05:36.210 --> 00:05:39.480 probably going to want application firewalls that we do 92 00:05:39.480 --> 00:05:44.430 today on the public-facing side, on the internal side. And so as 93 00:05:44.430 --> 00:05:47.700 the landscape continues to evolve, probably a blending of 94 00:05:47.700 --> 00:05:48.840 those capabilities. 95 00:05:50.550 --> 00:05:52.350 Michael Novinson: Absolutely! Why don't you talk a little bit 96 00:05:52.350 --> 00:05:56.250 about the market landscape here. I know your traditional app API 97 00:05:56.550 --> 00:05:59.040 DDoS prevention business, it obviously competes against 98 00:05:59.040 --> 00:06:02.520 Cloudflare, competes against Imperva, and then on Guardicore 99 00:06:02.520 --> 00:06:05.100 side with the microsegmentation, obviously, Illumio is a big 100 00:06:05.100 --> 00:06:08.130 competitor. What do you feel your differentiators are when 101 00:06:08.130 --> 00:06:10.560 you're going up against these companies and competitive type 102 00:06:10.560 --> 00:06:11.310 scenarios? 103 00:06:11.850 --> 00:06:14.880 Tom Leighton: Well, with microsegmentation competing with 104 00:06:14.880 --> 00:06:19.110 Illumio, would be the fact that we actually have developed 105 00:06:19.110 --> 00:06:22.560 through Guardicore, our own firewall, rather than having to 106 00:06:22.560 --> 00:06:27.270 rely on the firewall that's in the native operating system. And 107 00:06:27.270 --> 00:06:30.600 that's especially important when there is no firewall and the 108 00:06:30.600 --> 00:06:35.220 native operating system. Also, the various firewalls that would 109 00:06:35.220 --> 00:06:38.820 exist, they're different. And with Guardicore, by having 110 00:06:38.820 --> 00:06:41.760 developed their own, you get now a very consistent way of 111 00:06:41.760 --> 00:06:46.560 controlling and reporting. So much better, I would say 112 00:06:46.560 --> 00:06:48.840 capabilities with Guardicore. And that's why it's now 113 00:06:48.840 --> 00:06:51.600 recognized, for example, by Forrester, and the leading 114 00:06:51.600 --> 00:06:55.560 analyst firm, the market leader in terms of the capabilities. 115 00:06:55.950 --> 00:07:00.030 Now in terms of app and API protection, Akamai really 116 00:07:00.030 --> 00:07:05.160 created application firewall, web app firewall, as a cloud 117 00:07:05.160 --> 00:07:09.480 service, about 10 years ago. And we are the market leader there 118 00:07:09.480 --> 00:07:12.870 by a wide margin, according to the analyst firms and in our 119 00:07:12.870 --> 00:07:16.830 capabilities. And so we distinguish ourselves there, by 120 00:07:16.830 --> 00:07:21.270 having the best security, the best capabilities is the 121 00:07:21.270 --> 00:07:24.960 foundation with web app firewall. And we built a lot of 122 00:07:24.960 --> 00:07:30.060 capabilities on top of that - bot management, very topical 123 00:07:30.060 --> 00:07:32.670 these days with what's happened recently, for example, with 124 00:07:32.670 --> 00:07:38.040 ticket sales, or in the holiday commerce season, you're selling 125 00:07:38.310 --> 00:07:42.750 sneakers, or pick your favorite limited quantity item, and you 126 00:07:42.750 --> 00:07:46.230 really need bot management. On top of that, we built account 127 00:07:46.230 --> 00:07:52.440 protector, which protects your banking applications, so that 128 00:07:52.470 --> 00:07:56.340 even if it isn't a bot, maybe now it's a human that has your 129 00:07:56.340 --> 00:08:00.000 credentials that had been stolen. And still, we want to 130 00:08:00.000 --> 00:08:05.460 stop that entity from getting access to your account, because 131 00:08:05.460 --> 00:08:07.620 they shouldn't have access to it, even though they managed to 132 00:08:07.620 --> 00:08:11.220 get your credentials; page integrity management built on 133 00:08:11.220 --> 00:08:16.350 top of web app firewall. And that's really important, as you 134 00:08:16.380 --> 00:08:21.900 want to maintain your PCI compliance, by 2025, to stay 135 00:08:21.900 --> 00:08:25.620 compliant, you're going to have to protect your users from 136 00:08:25.620 --> 00:08:30.480 Magecart attacks or from malware in the digital supply chain 137 00:08:30.480 --> 00:08:36.660 that's designed to compromise your user. And for example, the 138 00:08:36.660 --> 00:08:42.570 British Airways hack that cost them a fortune, just a few lines 139 00:08:42.570 --> 00:08:46.620 of code in the digital supply chain that ends up on your 140 00:08:46.620 --> 00:08:49.560 user's browser, and they've been compromised, and you're in big 141 00:08:49.560 --> 00:08:53.220 trouble. And that's where our page integrity management 142 00:08:53.220 --> 00:08:56.340 solution comes in. A lot of capabilities we are building on 143 00:08:56.340 --> 00:09:00.210 top of app and API protection that really distinguishes Akamai 144 00:09:00.210 --> 00:09:01.230 in the marketplace. 145 00:09:02.340 --> 00:09:04.020 Michael Novinson: Of course, and I know we've talked quite a bit 146 00:09:04.020 --> 00:09:06.570 about the inorganic piece, but about organically. What do you 147 00:09:06.570 --> 00:09:08.760 feel has been the most significant organic 148 00:09:08.760 --> 00:09:11.490 cybersecurity investment that you've made over this past year 149 00:09:11.490 --> 00:09:12.240 in 2022? 150 00:09:12.720 --> 00:09:16.380 Tom Leighton: I would say most of our offers are primarily 151 00:09:16.380 --> 00:09:19.410 organic, most of our capabilities. And sometimes 152 00:09:19.410 --> 00:09:22.470 there's a tech talk in or we make an acquisition, I would 153 00:09:22.470 --> 00:09:27.660 say, Guardicore is different. We didn't have capabilities at all 154 00:09:27.660 --> 00:09:31.140 in microsegmentation, and that's an acquisition. And we're now 155 00:09:31.140 --> 00:09:36.300 investing in the organic growth there. In fact, the former CEO 156 00:09:36.300 --> 00:09:39.450 of Guardicore, now is the senior vice president of Akamai, 157 00:09:39.450 --> 00:09:43.200 running all of our zero trust enterprise security solutions. 158 00:09:43.530 --> 00:09:47.820 But if you look at web app firewall, that was organic. You 159 00:09:47.820 --> 00:09:51.870 look at bot management on top, first organic and then helped 160 00:09:51.870 --> 00:09:55.830 with an acquisition. Account protector is organic, page 161 00:09:55.830 --> 00:09:59.400 integrity management, basically organic. There was a tech tuck 162 00:09:59.400 --> 00:10:03.060 and along the way. Audience hijacking prevention relatively 163 00:10:03.060 --> 00:10:06.570 new in the last year, that's organic and most recently, brand 164 00:10:06.570 --> 00:10:11.490 protector, which catches the phishing sites that pop up is 165 00:10:11.490 --> 00:10:15.600 now in beta. And that's organic development. So we do a lot of 166 00:10:15.600 --> 00:10:18.120 organic investment in security products. 167 00:10:19.110 --> 00:10:22.050 Michael Novinson: Of course! Let's shift gears here to the 168 00:10:22.050 --> 00:10:25.560 crystal ball look ahead to 2023. Off the top here, I wanted to 169 00:10:25.560 --> 00:10:28.140 get a sense of what you feel is the biggest market opportunity 170 00:10:28.440 --> 00:10:30.450 that you're hoping to go after in the year to come? 171 00:10:31.770 --> 00:10:36.210 Tom Leighton: Well, I think in the security framework, the app 172 00:10:36.210 --> 00:10:40.860 and API protection broadly construed a lot going on there. 173 00:10:41.790 --> 00:10:48.000 You see even the headlines of the attacks and we got to keep 174 00:10:48.000 --> 00:10:50.430 working to stay ahead of that. Now, the recent headlines, of 175 00:10:50.430 --> 00:10:55.680 course, those companies weren't using Akamai. If they were, I 176 00:10:55.680 --> 00:10:58.380 think probably they wouldn't have had the headlines. But 177 00:10:58.380 --> 00:11:03.150 there's a lot of work that goes on to stay ahead, and to offer 178 00:11:03.150 --> 00:11:06.210 new capabilities to defend against the new attacks. And of 179 00:11:06.210 --> 00:11:09.930 course, on the enterprise zero trust landscape, that's very 180 00:11:09.930 --> 00:11:13.110 early days there. And there's a lot of market opportunity, I 181 00:11:13.110 --> 00:11:14.100 think, going forward. 182 00:11:15.360 --> 00:11:18.330 Michael Novinson: Of course! What do you see as some of the 183 00:11:18.330 --> 00:11:21.960 toughest challenges are specific to security that customers are 184 00:11:21.960 --> 00:11:24.000 facing or going to face in 2023? 185 00:11:25.230 --> 00:11:28.050 Tom Leighton: I think an ever more sophisticated attacker, 186 00:11:28.950 --> 00:11:34.440 well funded, can be a major nation-state organized crime, 187 00:11:36.120 --> 00:11:44.130 even hacktivism, and I think there's just too much money at 188 00:11:44.130 --> 00:11:48.360 stake or political will at stake that you're going to see in 189 00:11:48.450 --> 00:11:51.360 increasing investment on the attack side, and new 190 00:11:51.360 --> 00:11:55.350 capabilities developed. And so that's why it's really important 191 00:11:55.350 --> 00:11:59.610 to be investing for Akamai in the defenses to stay ahead and 192 00:11:59.610 --> 00:12:01.170 keep our customers safe. 193 00:12:02.800 --> 00:12:05.560 Michael Novinson: Of course! What do you feel is the key to 194 00:12:05.560 --> 00:12:09.430 success around security for customers in the year to come? 195 00:12:10.270 --> 00:12:13.990 Tom Leighton: Well, I think, working with Akamai is really 196 00:12:13.990 --> 00:12:18.460 important. We invest a lot in also, professional services 197 00:12:18.460 --> 00:12:22.870 support to help our customers maintain a strong security 198 00:12:22.870 --> 00:12:29.530 posture, and have the latest in services. It's a very dynamic 199 00:12:29.530 --> 00:12:34.690 landscape and it just changes so fast. And it's really hard to 200 00:12:34.690 --> 00:12:42.190 get talent, there's a lot of security startups, and it's hard 201 00:12:42.190 --> 00:12:45.550 for a typical enterprise to get the talent they need, nevermind, 202 00:12:45.730 --> 00:12:49.030 keep up with everything that's going on out there. And that's 203 00:12:49.030 --> 00:12:52.330 where companies like Akamai in particular can really help them 204 00:12:52.900 --> 00:12:55.450 in a partnership approach. 205 00:12:56.530 --> 00:12:57.820 Michael Novinson: Of course! I did want to ask an 206 00:12:58.030 --> 00:13:00.670 Akamai-specific question here. I know, it's a sort of unique 207 00:13:00.670 --> 00:13:03.460 business model, you have the security piece of your legacy in 208 00:13:03.460 --> 00:13:06.220 the content delivery space, and then obviously, the compute 209 00:13:06.220 --> 00:13:09.220 piece as well, from your acquisition of Linode. From your 210 00:13:09.220 --> 00:13:11.290 vantage point, what's the benefit of having all three of 211 00:13:11.290 --> 00:13:13.180 those under the same umbrella under one roof? 212 00:13:13.870 --> 00:13:16.120 Tom Leighton: It's a great question. Akamai has had edge 213 00:13:16.120 --> 00:13:21.160 computing for nearly 20 years. So we've always done compute, 214 00:13:21.160 --> 00:13:25.330 but edge computing like function as a service, we didn't offer 215 00:13:25.330 --> 00:13:29.440 the core cloud compute. So you really typically could not build 216 00:13:29.440 --> 00:13:34.000 and run your applications on Akamai. And now you can, so that 217 00:13:34.000 --> 00:13:39.910 you can on one platform, build your app, run it, secure it and 218 00:13:39.910 --> 00:13:44.020 deliver it, and having it all on the Akamai platform will 219 00:13:44.140 --> 00:13:47.860 substantially lower total cost of ownership, make it easier, 220 00:13:47.890 --> 00:13:53.230 enable you to leverage the edge much more easily in terms of 221 00:13:53.230 --> 00:13:56.170 your core application, because that will be on the platform, we 222 00:13:56.170 --> 00:13:58.990 will have it integrated with our own backbone connecting 223 00:13:58.990 --> 00:14:03.670 everything up. Performance will be better. So I think just 224 00:14:03.670 --> 00:14:06.730 across the board, you improve performance, you improve 225 00:14:06.730 --> 00:14:09.610 security, you improve reliability, and you lower the 226 00:14:09.610 --> 00:14:10.870 total cost of ownership. 227 00:14:12.190 --> 00:14:14.770 Michael Novinson: Of course! Last question for you - what's 228 00:14:14.770 --> 00:14:17.710 your single biggest priority in 2023 when it comes to your 229 00:14:17.710 --> 00:14:18.610 security business? 230 00:14:20.590 --> 00:14:23.020 Tom Leighton: Well, keeping our customers safe, I would say. 231 00:14:23.890 --> 00:14:27.550 It's the number one thing, which means, we're always on but we're 232 00:14:27.550 --> 00:14:29.530 always staying ahead of the attacks. 233 00:14:30.640 --> 00:14:33.700 Michael Novinson: Of course! It'll be a lot to watch in the 234 00:14:33.700 --> 00:14:35.830 year ahead, Tom. Thank you so much for the time. 235 00:14:36.460 --> 00:14:37.090 Tom Leighton: Thank you. 236 00:14:37.840 --> 00:14:39.490 Michael Novinson: We've been speaking with Tom Leighton. He 237 00:14:39.490 --> 00:14:43.450 is the co-founder and CEO at Akamai. For Information Security 238 00:14:43.450 --> 00:14:46.540 Media Group, this is Michael Novinson. Have a nice day.