Akamai Acquires Guardicore for Microsegmentation Platform
Akamai Technologies today announced it has acquired Guardicore, a provider of a platform that enables IT teams to microsegment application workloads to limit the blast radius of any malware infestation, for approximately $600 million.
Charlie Gero, vice president and CTO of Akamai Security Technology Group, said Guardicore provides a granular approach to microsegmentation that Akamai will use to extend its existing services to include a zero-trust IT environment. The Guardicore platform limits user access to only those applications that are authorized to communicate with each other. As a result, the ability of malware to move laterally through application environments is sharply curtailed, noted Gero.
Some organizations have even opted to deploy Guardicore after malware has been discovered in their environment to isolate applications in a way that prevents malware from continuing to spread, added Gero.
The core issue is that once a cyberattacker makes it past a firewall, there’s no way to limit the blast radius of the malware infestation unless workloads can be segmented. Microsegmentation at the firewall level doesn’t provide enough protection, Gero noted.
The Akamai portfolio of security tools includes a web application firewall (WAF), network access tools, domain name system (DNS) firewall and a secure web gateway. The Guardicore deal is expected to close in the fourth quarter 2021, with Akamai expecting the company to add $30 million to $35 million in additional revenue in fiscal 2022.
Akamai is making a case for using its service as a demilitarized zone (DMZ) that absorbs the bulk of cyberattacks in a way that shields organizations from attacks against web applications. As part of that effort, Akamai is positioning its content delivery network (CDN) as a platform for deploying applications that it will also secure. The overall goal is to accelerate adoption of DevSecOps best practices, noted Gero.
It’s not clear to what degree microsegmentation at the workload level might discourage cybercriminals from launching attacks in the first place once they discover that the attack’s blast radius is being automatically contained. However, it may be a while before most organizations are even aware they can apply segmentation at that granular level, so it’s not likely malware infestations will subside anytime soon. Cybersecurity teams will still need to devote significant time and effort to hunting down malware.
However, as microsegmentation is applied more widely, the overall cleanup effort required once malware is activated should be greatly reduced, added Gero.
There’s always a lot of natural resistance to investing in the next great security platform after watching spending on cybersecurity steadily increase over the years. Nevertheless, it’s clear that many legacy cybersecurity technologies that organizations rely on today are being routinely circumvented. The opportunity that is presenting itself now is shifting the location of any cybersecurity battle to an Akamai CDN. That change provides a neutral zone between the enterprise and cybercriminals and adds a partner with a lot more cybersecurity expertise who is willing to help defend.
After all, once an attack occurs inside the enterprise there really is no such thing as winning. Instead, it’s really just become a question of minimizing losses.
