Thoughts from the Boardroom: What Keeps Cybersecurity Leaders Awake at Night?

The increased dependence on the internet and web-based applications has exposed individuals, organizations, and governments to various cyber threats, making web security an essential aspect of cybersecurity. However, despite the efforts to enhance web security, various challenges still exist.

In a recent workshop with security leaders, we tried to get to the bottom of what was keeping them awake at night.

Here’s a summary of their key issues and our tips on how to address them.

1. The time it takes to make changes using outdated processes.

Many organisations have outdated processes that require approval from various stakeholders before changes can be made, leading to delays in implementing security measures. This delay increases the organisation’s exposure to cyber threats and is further complicated by the other major obstacle in web security: determining who owns risk, whether that is the Board, CISO, CRO, or CEO.

Each of these stakeholders has a different perspective on risk, making it difficult to come to a consensus on security-related decisions.

We discovered that a number of organisations we spoke to were indeed frustrated by how long it takes to make even simple changes, like a firewall change. Such is the lack of confidence in making changes that they had to initiate processes where the Heads of Privacy, Risk, and Security are all in a room approving changes together. This is clearly an inefficient way of operating and is likely the result of not having clear enough data on the impact of changes in production.

Solution

If engineers had access to real-life production data on their changes, and received this data in real time, it would address many of the challenges listed above. By combining Edgio’s Dual WAAP, real-time observability (Core Web Vitals, Errors, Cache Hit), and config propagation in less than 60 seconds, technical teams could make changes with greater confidence in a fraction of the time.

2. Challenges of moving left – more pressure on applications teams v. platform/infrastructure teams

Moving left refers to the shift towards addressing security issues early in the development cycle, the idea being that by shifting left, organisations can catch bugs earlier and get applications online quicker. This creates a challenge for application teams who must ensure security without compromising the application’s functionality.

Whilst this is undoubtedly something that all organisations should embrace, it is clear that, when executed at scale, it now places extra pressure on development teams, whereas five years ago this was the responsibility of the platform/infrastructure teams.

As development teams now have a greater role in securing web applications, it is essential they are given the tools to do this as efficiently as possible so they can spend the majority of their time actually doing what they want to do…building web applications.

Solution

To lighten the load on applications engineers, with the drive to shift left, it’s vital to give them a security solution that fits into their existing DevOps process. Edgio’s EdgeJS (CDN as code) integrates into many tools including Jenkins, GitHub, and GitLab, and gives technical teams instant feedback on proposed changes and how they will impact a website’s CWVs, error rate, or cache efficiency in production. By combining EdgeJS with WAAP, engineers can have a solution that allows them to make config updates in less than 60 seconds and get instant data on the effectiveness of the change.

3. Lack of talent/efficiency of talent

Everything we heard from our attendees indicated that their current security practices are inefficient, which has exacerbated the general industry challenge that there are simply not enough IT security professionals to keep up with an ever-evolving, and increasing, threat landscape. According to the International Information System Security Certification Consortium, known as ISC2, the total number of needed cybersecurity personnel across the globe rose to 3.4 million, up 26.2 percent in 2022. Alert fatigue, disjointed solutions, and difficult-to-use systems were also common issues that impacted how quickly teams can react when zero-day attacks like Log4j are identified.

Solution

Edgio’s technology can be supported by a 24x7x365 SOC staffed with CISSP-accredited engineers. Our SOC team is designed to take an additional load off our customers’ overstretched technical teams, providing full monitoring and mitigation combined with industry-leading SLAs. The team is also on standby to offer emergency assistance for zero-day threats and, for all incidents, will provide detailed reporting that can be used to inform executives.

4. How to be more resilient so attackers move on

Many of the individuals we talked to highlighted that they considered it a basic function of their role to make their organisation resilient enough that attackers move on to other, easier targets. The basic idea is that the ROI doesn’t exist for attackers spinning up new attacks when the defenses in place are far superior.

Solution

This requires companies to focus on improving the efficacy and scale of their existing security architecture. Moving to a best-of-breed approach is crucial here, but it is also important to keep the operations of the overall architecture in mind. A best-of-breed approach can help to dramatically improve the MTTD / MTTR for incidents, is more effective at identifying bots and malicious traffic, and can identify with greater effect whether an access request is an intrusion. These benefits are meaningless if the operators can’t make effective use of the technology. In choosing a solution, it is important to consider whether it fits into your overall architecture and is built API-first so that SOC analysts can use the technology from their existing SIEM solution. Edgio’s Security platform seamlessly integrates with many SIEMs including Splunk, LogRhythm, and Sumo Logic.

Conclusion

It goes without saying, web security is a critical aspect of cybersecurity. Organisations must invest in the right resources to ensure maximum protection. Some of the challenges and issues facing web security can be addressed by adopting a holistic approach to security, including an integrated security architecture with no single point of failure, investing in security talent development, and striking the right balance between automation and human input.

Edgio’s Security solution provides a managed security approach at the edge, including DDoS scrubbing, attack traffic mitigation close to the source of the attack, advanced bot detection and mitigation, and a highly scalable global solution – helping organisations enhance their resiliency against cyber threats.