Akamai CEO on How Guardicore Prevents the Spread of MalwareTom Leighton Explains How Microsegmentation Protects Internal Applications and Data
Akamai's late 2021 acquisition of Guardicore allowed the company to go beyond protecting public-facing web content and APIs into the deeper world of safeguarding internal applications and data, says CEO Tom Leighton.
The $600 million deal allowed the Boston-area digital experience vendor to blend public-facing capabilities with newfound internal network security abilities and compete directly against microsegmentation firms such as Illumio.
Leighton is a long-standing champion of Guardicore's microsegmentation capabilities, calling them critical to blocking the spread of malware, ransomware or data exfiltration attacks and ensuring that organizations' private data is not compromised and revealed (see: Akamai, Cloudflare, Imperva Top App & API Defense Gartner MQ).
"Historically, I think microsegmentation had a really bad reputation because it was done in a way that wasn't very practical," Leighton says. "Guardicore has changed that by doing it in software. They built their own firewall capabilities to put in the agent. It works with legacy operating systems and totally changed the game."
In this video interview with Information Security Media Group, Leighton also discusses:
- How Guardicore fits into Akamai's security portfolio in areas such as DDoS prevention;
- How Akamai differentiated itself from competitors Cloudflare and Imperva;
- Enhancements to Akamai's web application firewall and bot management tools.
Leighton co-founded Akamai in 1998 and served as its chief scientist until becoming CEO in 2013. During his time as CEO, Akamai's revenue has more than doubled while earnings per share have more than tripled, and annual revenue from Akamai's security business grew 25% year-over-year in 2021.
Michael Novinson: Hi, this is Michael Novinson with Information Security Media Group. I'm joined today by Tom Leighton. He is the co-founder and CEO, Akamai. We're going to be taking a look back at 2022 as well as to look ahead to what to expect in 2023. Good afternoon, Tom, how are you?
Tom Leighton: I'm good. How are you?
Novinson: I am doing great. Thank you so much for taking the time.
Leighton: It's a pleasure to be here.
Novinson: Same here. Why don't you start by talking a little bit about some of your inorganic investments around cybersecurity? Notably, you bought micro segmentation from Guardicore as well as IoT security from Inverse. I want to get a sense, since it's been a number of months since these deals were made? What does it meant for your customer base? And what have you been able to do with these technologies, since those acquisitions were complete?
Leighton: I think the investment in Guardicore is very important and working out extremely well. I believe that micro segmentation is really the most important defense that an enterprise can have against malware, against ransomware, data exfiltration attacks. Today, you can pretty much buy everybody's security products, and malware still finds a way in. And the key is to identify it when it gets in, and to proactively block it from spreading. And that's how you prevent the real damage. You really get into trouble when that malware spreads and everything gets locked down with ransomware, or all your private data gets compromised and revealed. And with Guardicore, you have a software agent on every application, that's watching what's going on, managing the communications for that application, so that when malware does get in, it can be isolated and quarantined, and then the security team can go in and get it cleaned up before damage is caused. Also, with Guardicore, it gives you great visibility into what's going on inside of your enterprise. Because that agent is monitoring things. And a great example of this is Log4j gets released - the vulnerability there, or, more recently open SSL vulnerability. And it can take an enterprise weeks, or sometimes months, to find all the vulnerable instances that they have in the enterprise. And the really nice thing about Guardicore, our customers that had that, within hours, we can tell them everywhere they have the vulnerability, so they can clean it up. Just by having the agent do a query to the application and depending on the response of the application, we know if the vulnerability exists in that application. So you get great visibility and protection. Historically, I think micro segmentation had a really bad reputation. And that's because it was done in a way that wasn't very practical. It was done in hardware, you'd physically segment your networks and put firewalls in between, and that wasn't very flexible. And so you ended up those companies that did it, most in, but those that did, made very big segments, because you couldn't make microsegments, it just would be totally impractical. And that defeated the purpose because the malware gets into a really big segment, and you still cause really big damage. And Guardicore, of course, changed that by doing it in software. They built their own firewall capabilities to put in the age and it works with legacy operating systems - totally changed the game. And now they've been recognized as the market leader by the analyst firms. And also the same firms are now recognizing that microsegmentation really is important. And you got to do it. And you're starting to see those requirements come into play. So we've been very happy with the Guardicore acquisition. We're investing heavily around that. You mentioned Inverse, that was a much smaller acquisition, but that gives us intelligence about the various kinds of devices that are inside the enterprise, so that we, in an automated way, have a much better idea of what is doing the talking and what should be able to talk to what inside the enterprise and is it abnormal, what we're seeing happen there.
Novinson: In terms of the Guardicore piece, how does that fit into what you've done historically, around security around application and API security as well as DDoS prevention? How does that align with microsegmentation?
Leighton: Yeah, it's different than DDoS prevention. Historically, Akamai with our app and API protection, where we're the market leader by a good margin, that's protecting more public facing apps and APIs, Guardicore and DDoS prevention, same kind of thing. It's preventing something that's accessible to the public from being taken offline. With Guardicore, that's our flagship entry in terms of enterprise security or zero trust, which is more about protecting the internal applications and data, from various kinds of attacks. And around Guardicore, we have capabilities for zero trust network access, for secure internet access, which are geared towards protecting enterprises, their data and their employees, which is a little bit different than protecting the public-facing apps and APIs. Now, over time, I think you'll see those areas come closer together. You're probably going to want application firewalls that we do today on the public-facing side, on the internal side. And so as the landscape continues to evolve, probably a blending of those capabilities.
Novinson: Absolutely! Why don't you talk a little bit about the market landscape here and own your traditional app API DDoS prevention business I know your traditional app API DDoS prevention business, it obviously competes against Cloudflare, competes against Imperva, and then on Guardicore side with the microsegmentation, obviously, Illumio is a big competitor. What do you feel your differentiators are when you're going up against these companies and competitive type scenarios?
Leighton: Well, with microsegmentation competing with Illumio, would be the fact that we actually have developed through Guardicore, our own firewall, rather than having to rely on the firewall that's in the native operating system. And that's especially important when there is no firewall and the native operating system. Also, the various firewalls that would exist, they're different. And with Guardicore, by having developed their own, you get now a very consistent way of controlling and reporting. So much better, I would say capabilities with Guardicore. And that's why it's now recognized, for example, by Forrester, and the leading analyst firm, the market leader in terms of the capabilities. Now in terms of app and API protection, Akamai really created application firewall, web app firewall, as a cloud service, about 10 years ago. And we are the market leader there by a wide margin, according to the analyst firms and in our capabilities. And so we distinguish ourselves there, by having the best security, the best capabilities is the foundation with web app firewall. And we built a lot of capabilities on top of that - bot management, very topical these days with what's happened recently, for example, with ticket sales, or in the holiday commerce season, you're selling sneakers, or pick your favorite limited quantity item, and you really need bot management. On top of that, we built account protector, which protects your banking applications, so that even if it isn't a bot, maybe now it's a human that has your credentials that had been stolen. And still, we want to stop that entity from getting access to your account, because they shouldn't have access to it, even though they managed to get your credentials; page integrity management built on top of web app firewall. And that's really important, as you want to maintain your PCI compliance, by 2025, to stay compliant, you're going to have to protect your users from Magecart attacks or from malware in the digital supply chain that's designed to compromise your user. And for example, the British Airways hack that cost them a fortune, just a few lines of code in the digital supply chain that ends up on your user's browser, and they've been compromised, and you're in big trouble. And that's where our page integrity management solution comes in. A lot of capabilities we are building on top of app and API protection that really distinguishes Akamai in the marketplace.
Novinson: Of course, and I know we've talked quite a bit about the inorganic piece, but about organically. What do you feel has been the most significant organic cybersecurity investment that you've made over this past year in 2022?
Leighton: I would say most of our offers are primarily organic, most of our capabilities. And sometimes there's a tech talk in or we make an acquisition, I would say, Guardicore is different. We didn't have capabilities at all in microsegmentation, and that's an acquisition. And we're now investing in the organic growth there. In fact, the former CEO of Guardicore, now is the senior vice president of Akamai, running all of our zero trust enterprise security solutions. But if you look at web app firewall, that was organic. You look at bot management on top, first organic and then helped with an acquisition. Account protector is organic, page integrity management, basically organic. There was a tech tuck and along the way. Audience hijacking prevention relatively new in the last year, that's organic and most recently, brand protector, which catches the phishing sites that pop up is now in beta. And that's organic development. So we do a lot of organic investment in security products.
Novinson: Of course! Let's shift gears here to the crystal ball look ahead to 2023. Off the top here, I wanted to get a sense of what you feel is the biggest market opportunity that you're hoping to go after in the year to come?
Leighton: Well, I think in the security framework, the app and API protection broadly construed a lot going on there. You see even the headlines of the attacks and we got to keep working to stay ahead of that. Now, the recent headlines, of course, those companies weren't using Akamai. If they were, I think probably they wouldn't have had the headlines. But there's a lot of work that goes on to stay ahead, and to offer new capabilities to defend against the new attacks. And of course, on the enterprise zero trust landscape, that's very early days there. And there's a lot of market opportunity, I think, going forward.
Novinson: Of course! What do you see as some of the toughest challenges are specific to security that customers are facing or going to face in 2023?
Leighton: I think an ever more sophisticated attacker, well-funded, can be a major nation-state organized crime, even hacktivism, and I think there's just too much money at stake or political will at stake that you're going to see in increasing investment on the attack side, and new capabilities developed. And so that's why it's really important to be investing for Akamai in the defenses to stay ahead and keep our customers safe.
Novinson: Of course! What do you feel is the key to success around security for customers in the year to come?
Leighton: Well, I think, working with Akamai is really important. We invest a lot in also, professional services support to help our customers maintain a strong security posture, and have the latest in services. It's a very dynamic landscape and it just changes so fast. And it's really hard to get talent, there's a lot of security startups, and it's hard for a typical enterprise to get the talent they need, never mind, keep up with everything that's going on out there. And that's where companies like Akamai in particular can really help them in a partnership approach.
Novinson: Of course! I did want to ask an Akamai-specific question here. I know, it's a sort of unique business model, you have the security piece of your legacy in the content delivery space, and then obviously, the compute piece as well, from your acquisition of Linode. From your vantage point, what's the benefit of having all three of those under the same umbrella under one roof?
Leighton: It's a great question. Akamai has had edge computing for nearly 20 years. So we've always done compute, but edge computing like function as a service, we didn't offer the core cloud compute. So you really typically could not build and run your applications on Akamai. And now you can, so that you can on one platform, build your app, run it, secure it and deliver it, and having it all on the Akamai platform will substantially lower total cost of ownership, make it easier, enable you to leverage the edge much more easily in terms of your core application, because that will be on the platform, we will have it integrated with our own backbone connecting everything up. Performance will be better. So I think just across the board, you improve performance, you improve security, you improve reliability, and you lower the total cost of ownership.
Novinson: Of course! Last question for you - what's your single biggest priority in 2023 when it comes to your security business?
Leighton: Well, keeping our customers safe, I would say. It's the number one thing, which means, we're always on but we're always staying ahead of the attacks.
Novinson: Of course! It'll be a lot to watch in the year ahead, Tom. Thank you so much for the time.
Leighton: Thank you.
Novinson: We've been speaking with Tom Leighton. He is the co-founder and CEO at Akamai. For Information Security Media Group, this is Michael Novinson. Have a nice day.