Advanced Persistent Threats (APT) are at the forefront of the latest cyber attacks. No organization is immune. APT incorporate the elements of electronic military warfare, where cyber criminals create detailed “Attack-in-Offense” plans that counter the best Defense-in-Depth strategies that corporations and government entities have to offer. The cyber-criminal is focused, patient, loves challenge, has plenty of resources, conducts thorough reconnaissance, and always infiltrates the weakest link in the security chain. Not even the mighty Microsoft is immune.
2014 is turning out to be the year of the hack-attack, where DDoS, APT, malware, and zero-day run wild on IT production infrastructures. Another victim is Sally’s Beauty Supply. Recently, reputable sources have indicated that 2600+ branches have been compromised, and credit card data stolen. If this report is accurate, it’s Target happening all over again. All CDNs should consider developing/acquiring security features that go above and beyond the web application firewall, helping protect clients against APTs that are being launched against corporate websites and web applications. In 2014, three CDNs have stepped up to the security plate, and deserve recognition.
Most major CDNs have vast knowledge of the global threat landscape. The accumulation of security knowledge is the benefit of being in the CDN business. All global CDNs encounter attacks on a regular basis. Fighting attacks over a period of years, generates a great deal of security intelligence that develops while fighting all sorts of threats. CDNs have the deepest understanding of the global Internet. They must leverage this expertise to expand their security portfolios. Customers need more layers of security. FireEye and Symantec need as much help as they can get, if Target, Microsoft and Sally’s Beauty Supply is any indication.
The 3 CyberSecurity CDNs
Incapsula, Akamai and CloudFlare
Incapsula is the leader of the three CyberSecurity CDNs, with its extensive security portfolio that includes Level-1 PCI Compliant WAF, Bot Protection, Backdoor Protection, Login Protection, and DDoS Protection at Layer 3, 4, and 7. Akamai is right behind Incapsula, and the #2 leader in the CyberSecurity space. My prediction is that Akamai will jump to the #1 spot in 90 days, once it acquires a security company that goes deep into the security stack. CloudFlare is the third CyberSecurity muskateer in the CDN ecosystem. The acquisition of the malware scanning company is bringing new life to CloudFlare. I expect bigger and better things for CloudFlare this year and next. Now let’s hope that other CDNs get the picture, develop robust security suites, and join this group soon.