Richard Yew, the Senior Director for Product Management – Security at Edgio, says ransomware attacks rise as many organizations are underprepared to deal with the threat
Tell us about the cybersecurity trends for 2023.
We continue to see an uptick in cyber attacks – which is probably no surprise to anyone, but the driving forces change over time. We saw attacks accelerate during the pandemic as life shifted even more online due to necessity, and today we find that the trend is at least partially attributed to the ongoing war in Ukraine and other major conflicts across the globe. Criminal organizations are finding nation-state buyers happy to pay handsomely to DDoS adversaries and their allies.
Additionally, the number of vulnerabilities (CVEs) discovered in the software supply chain rises every year (23.92% YoY in 2022) along with the discovery of critical zero-day vulnerabilities seems to become more frequent: Log4j, Spring4shell, to name a few. Compromising web applications to steal valuable data never goes out of style. Lastly to mention, as IoT devices proliferate, we see an increase in bad bot activity with bad guys having greater incentives than ever before to innovate, and build new evasive behaviors as the value of commerce applications continues to rise.
Even as crypto prices fell from their peak in 2021, ransomware attacks rise as many organizations are underprepared to deal with the threat, and unfortunately see no choice but to pay their captors to (hopefully) release their stranglehold on their critical systems and data.
What is the theme of your participation at GISEC 2023?
Edgio will discuss several current cybersecurity trends on the topics of DDoS attacks, the bot problem, and security supply chain concerns (CVEs, zero-day vulnerabilities). We will share some best practices to get organizations prepared to address the latest threats as well as present our approach to mitigating the latest attacks while improving performance and efficiency.
Which products and solutions will you be showcasing at GISEC 2023?
Edgio will showcase our holistic Web Application and API Protection (WAAP), which lowers risk by providing protection for web applications and APIs that is accurate, and was built by design to increase performance, and developer velocity and reduce infrastructure + operational costs.
How are you equipped to help companies overcome digital security and privacy challenges?
Edgio’s WAAP solution addresses a wide range of digital security concerns related to securing applications and the critical data behind them using a variety of innovative detection techniques as well as leveraging the benefit of our expansive global network which gives us the privilege to inspect millions of packets per second.
In addition to the innovative protections in place to guard PII stored behind applications, Edgio invested heavily in compliance measures including PCI-DSS Level 1, SOC2, and ISO27001 to meet the most stringent requirements of nearly all organizations and entities, lowering their burden when it comes to protecting their stakeholders’ privacy.
Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?
There is definitely a skills gap in the cybersecurity industry. According to the SANS Institute, there’s currently more than 3.5 million global cybersecurity talent shortage. It’s confirmed by the customers we speak with every day. This customer reality guides Edgio’s strategy, from a product and services perspective in several ways:
- We design products and services in ways that are highly intuitive, developer-friendly, and with automation in mind
- Our solutions are designed to help customers accelerate detection & response time to new threats
- Our detection/decision engines are carefully designed and updated to reduce false positives to cut down on alert fatigue
Edgio’s solutions are built for self-service, but our managed security services can help with day-to-day operations and our 24×7 SOC is there for you before, during, and after an attack.