Security in the always-connected world: Akamai VP on what should new-age CTOs care about?

The digital age has transformed the way we live and work, but it has also introduced new and ever-evolving security threats. Businesses today face a complex landscape of sophisticated ransomware attacks, vulnerabilities in third-party code, and the expanding attack surface of APIs. Traditional security measures are no longer sufficient, and organisations must adopt a more proactive approach to safeguard their critical assets.

The recently concluded Tech Leaders Conclave in Bengaluru, India, featured a thought-provoking keynote session on ‘Security in the always-connected world: what should new-age CTOs care about?’, delivered by Vijay Kolli, Regional VP of Enterprise Security Group at Akamai Technologies. The session addressed the critical aspect of cybersecurity, offering valuable insights for CTOs navigating an increasingly complex threat environment.

One of the key takeaways was the stark reality of security budgets. Many companies operate with minimal security resources. This reactive approach, where companies only address security after a breach, highlights the need for a proactive security posture, where businesses prioritise application security from the get-go.

Another important takeaway was the importance of looking beyond static code analysis. "While most of you likely use static code analysis tools to identify vulnerabilities during development," Kolli pointed out, "a crucial gap exists. We need to consider runtime security as well. Are these applications vulnerable once deployed in your complex environment? Runtime code efficacy tools and API testing can help address this by identifying vulnerabilities that might emerge in your real-world ecosystem."

The keynote emphasised the evolution of security threats. Traditional security measures designed for a bygone era are no longer sufficient. The rise of APIs, remote workforces, and cloud deployments necessitates a more nuanced approach. New threats like sophisticated ransomware attacks, third-party and AI-generated code vulnerabilities, and the expanding attack surface of APIs demand a multi-layered security strategy.

Kolli offered a roadmap for CTOs to navigate this complex terrain. One core recommendation was to focus on application security, recognising applications as the backbone of modern businesses. Taking a step-by-step approach to security was emphasised, with recommendations to break down the threat landscape into manageable components.

Kolli proposed some actionable recommendations for CTOs:

• Invest in runtime code efficacy tools: These tools can identify vulnerabilities in applications after they've been built, shoring up defences.
• Embrace threat intelligence: Staying informed about the latest threats allows for a tailored security posture that adapts to evolving risks.
• Micro-perimeters for enhanced protection: Creating secure bubbles around applications can prevent lateral movement of malware within the network.
• API security with a watchful eye: Maintain an inventory of APIs and monitor their usage for suspicious activity.
• Multi-dimensional API security: Utilise solutions that analyse patterns and correlations across API calls to uncover hidden threats.
• Layered security is key: A comprehensive approach that includes infrastructure protection, DDoS mitigation, and application security is essential.
• AI-powered security tools: Leverage tools that automate tasks and provide easy-to-understand security recommendations.

Kolli’s keynote session provided valuable insights for CTOs looking to secure their organisation’s tech landscape. By prioritising application security, adopting a multi-layered approach, and leveraging the power of AI-powered tools, businesses can build a robust security posture that safeguards their critical assets and fosters trust with their customers.

Watch the entire session here.