Akamai Adds Agentless Option for Securing IoT and OT Devices
Akamai Technologies today extended the reach of its microsegmentation platform by adding support for an agentless approach to secure internet-of-things (IoT) and operational technology (OT) devices.
In addition, the company is launching an Akamai Hunt security service that leverages the Akamai Guardicore Segmentation platform to surface cybersecurity threats.
Microsegmentation limits the blast radius of a cybersecurity breach by inhibiting the lateral movement of malware. Extending the reach of that approach to IoT and OT requires an agentless framework. Other capabilities enabled by Akamai Guardicore Segmentation include continuous device discovery, integrated device fingerprinting, visualization of enterprise assets and roaming device awareness.
Pavel Gurvich, senior vice president and general manager for enterprise security at Akamai, said the overall goal is to extend the reach of an Akamai service that enables organizations to enforce zero-trust IT policies based on ensuring least privilege access.
Most organizations would rather deploy agent software that provides more capabilities, but there are devices attached to IoT and OT networks that don’t have enough compute resources to also run agent software, he added.
Akamai Hunt extends that microsegmentation capability further by combining the infrastructure, telemetry and control data collected by the Akamai Guardicore Segmentation platform with other data collected via the Akamai content delivery network (CDN). Akamai Hunt can use that data to identify suspicious and anomalous activity that is then investigated by Akamai security experts. Those experts can also assist in threat remediation, patching of vulnerabilities and IT infrastructure hardening. The Akamai Hunt service spans both agent and agentless implementations of Akamai Guardicore Segmentation.
Depending on the organization, responsibility for cybersecurity now spans cybersecurity teams, developers and IT operations teams. Akamai is making a case for relying more heavily on a set of cybersecurity services to not only augment those teams but also shift the physical location where the battle to secure IT environments is fought to the Akamai network rather than on a corporate network.
Regardless of approach, organizations are realizing they lack the internal expertise required to combat cybersecurity threats that are increasing in both volume and sophistication. As a result, there’s a greater willingness to rely more heavily on external cybersecurity services, especially as IT environments become more distributed and more devices are attached to extended enterprise networks. The challenge is, in the absence of any microsegementation capability, it’s relatively trivial for malware to spread across a flat network, noted Gurvich.
Microsegmentation as a concept has, of course, been around for decades. Achieving and maintaining microsegementation has become more challenging, however, as various forms of edge computing have begun to gain traction. It’s much simpler to achieve that goal by relying on a service than for an internal security operations team to configure, deploy and maintain thousands of firewalls. The issue now is determining how much to spend on securing all the devices connected to an edge computing environment that will only get larger with each passing day.
