The ripple effects caused from the Chase incident have just begun. The fallout is massive, and for the first time in history, it seems the US financial system responsible for transacting trillions of dollars per year is vulnerable. The entire security defense chain failed miserably, starting from the security products at HQ, to the defense-in-depth strategy, and everything else in between. Although Chase generates $96B in annual revenue, has a market valuation of $226B, and spends $100M on cyber security, a small lapse in judgement created an entry point for hackers. Chase is increasing its cyber security budget to $250M, but is that going to be enough to protect against future threats? Banks can no longer depend on cyber security companies to fortify their data assets. They must get involved, and be a part of the external teams that are creating these products and services.
The big issues facing the Home Depot’s of the world include the following: shortage of InfoSec engineers, high turnover of InfoSec staff, and perimeter based security solutions not talking to the edge security POPs. Below is an idea that was presented a few weeks ago that takes a deeper look at security from a global perspective, and takes into account the different pieces of the security puzzle. For illustration purposes, we call it the “Akamai Global CDN Bank Shield.” The concept is simple to understand. Akamai and Verizon EdgeCast are the only two CDNs that can do this because its requires massive investment in infrastructure, and people resources.
To summarize the illustration, Akamai would take a big role in securing the banks data assets, and integrate their security platform into the banks back end security infrastructure. Akamai would act as the primary SecOps team for the banks, monitoring every alert, making sure the threats are mitigated quickly. The NOC would consist of a few hundred SecOps members that are solely dedicated to the banks. Banks have a difficult time retaining InfoSec engineers, but Akamai not as much, since they are pushing the security innovation envelope, and engineers like that.
Akamai is the First and Last Line of Defense
Security Problems of Fortune 500
- Home Depot, Chase and many other large companies have high turnover rates in their infosec departments
- Corporate bureaucracy, red tape and politics makes it impossible for banks to focus on securing their information assets
- Current security defense infrastructure works in silos
- Corporations deploy thousands of applications, databases, web properties, and systems making it impossible to guard each one
CDN Bank Shield
- CDN acts as an outer global security shield to banks
- All inbound and outbound packets go through the CDN shield
- CDN integrates into existing back end security infrastructure such as Palo Alto, FireEye, Symantec, Cisco….
- CDN takes primary responsibility for SecOps – monitoring traffic, acting on alerts, and acting as the first and last line of defense