Interview: Pavel Gurvich On Cybersecurity Challenges, Akamai’s Microsegmentation Platform, And How Cyber-Criminals Are Responding To Zero Trust
Expert Insights interviews Pavel Gurvich, Senior Vice President and General Manager of Akamai’s Enterprise Security business.
One of the best advantages for a cybersecurity vendor to have is scale. Large datasets enables better threat intelligence and faster adaptation to new risks and challenges. One of the biggest security providers in the market today is Akamai, who process between seven to eight trillion DNS queries every single day. Protecting data at this scale is both a benefit and a challenge, Pavel Gurvich, Vice President and General Manager of Akamai’s Enterprise Security business tells Expert Insights.
Gurvich is responsible for Akamai’s Zero Trust–focused security solutions, including microsegmentation, Zero Trust Network Access, and multi-factor authentication. Prior to joining Akamai, Pavel was CEO and one of the co-founders of Guardicore, a microsegmentation solution acquired by Akamai in 2021. Expert Insights spoke to Gurvich for a wide-ranging interview at the 2023 RSA conference – you can listen to our full conversation here.
Akamai has a “unique vantage point,” in the security space, Gurvich says. “We are seeing a very high percentage of internet security traffic. All of that data enables us to then power and build and provide to our customers closer to the edge and where the traffic is hitting. With our enterprise products, we see what is getting inside the networks of our customers, deep inside their networks. We are probably the only company that has that amount of visibility on the public internet and the threats that are going on there.”
With such extensive visibility, Akamai can identify the high-level security challenges and trends that organizations are most commonly facing. “Ransomware is a huge challenge,” Gurvich says. “AI is not there yet but is definitely going to be used for both good and bad. And I think digital transformation and organizations moving their infrastructure to the cloud is also a huge trend and is making a big impact on how organizations are running their IT infrastructure, doing business, and hence also how that infrastructure needs to be secured.”
How To Adopt Zero Trust Principles
Adoption of Zero Trust cybersecurity principles has emerged as one of the key ways for organization to secure their network architecture in the era of digital transformation. Zero Trust is being adopted as the standard framework for how organizations should think about security, Gurvich says. It is the culmination of a number of security analysts and developers who have made Zero Trust what it is today. Multiple governments, including the US, are recommending organizations adopt Zero Trust principles.
“If you break this down and look at Zero Trust, a couple of key components are really important in this framework,” Gurvich says. People typically start with access, making sure that users only have access to specific, relevant applications, data, and resources, within the network.
But there is also Zero Trust in the network, he explains, which means ensuring that network devices and applications are only allowed to connect to other applications when absolutely necessary. This limits the scope and potential damage that a breach can do if a device is compromised. There is also the identity component of Zero Trust, he says, ensuring users are continuously verified and authenticated.
Zero Trust can be difficult to implement, if you take it too an extreme, Gurvich says. “But if you’re reasonable and pragmatic about it, you can actually reduce a whole bunch of risks very quickly and efficiently…. customers need a toolkit which includes core capabilities…that are easy to implement and engage in a pragmatic way.”
“That’s the approach we took. We built a platform that includes the fundamental Zero Trust capabilities. We integrated them. And we’re non-fanatical about how we drive our customers to implement these things.”
How Cybercriminals Are Responding To Zero Trust
The one constant in the security world is that as we develop protection, procedures, and practices, cybercriminals are innovating and developing ways to get around them, Gurvich says. As more organizations adopt Zero Trust principles, “I definitely expect us to see more sophisticated attacks, and for some of the Zero Trust principles that we deploy and think are good ideas, to be used against us.”
“But overall, if you look at this industry in the prism of say, five to ten, even fifteen years, the gradient is definitely in the right direction. I think we are making networks more secure. We are making the critical applications that run on these networks more robust and more protected. Yes, there’s more of them, hence there’s more potential to make harm or steal data, but, overall, the trends are positive.”
Zero Trust will enable the next big jump in cybersecurity improvement, Gurvich says. “Yes, we’ll see some pushback from the bad guys. And we’ll deal with that. That’s the nature of the game. And it happens outside of security too! We’re back from a huge quarantine, in some ways that’s the biggest demonstration of Zero Trust! I think overall the trend is in the right direction.”
Visibility, AI, And An Optimistic Outlook
One of the other main challenges facing teams today is a lack of visibility into the network environment, Gurvich says. “Organizations just don’t really understand the networks or the infrastructure they operate. They do not have enough visibility to make the right decisions… You see network engineers with spreadsheets. These are not the kind of tools we should be using to understand what we’ve got and look at our networks.”
To this end, consolidation of tools is another major theme in the cybersecurity space today. This is driven by a mixture of factors including tool overload, skills shortages, and economic pressures on security teams to do more with less. “I think that trend will increase over time because it’s not just about the direct cost. It’s also about the cost of integrating a whole bunch of different solutions, and hence their efficacy, because it becomes complex to connect a whole bunch of different segmented products.”
Digital transformation and emerging new AI technologies means “it’s difficult to really anticipate how the landscape will look three years from now,” Gurvich says. “Given this fundamental platform shift that I think we’re seeing with AI…we’ll have a lot of tools that we could just not use before. That will help. It’s going to be an interesting space to watch and a very dynamic space to be in, so I’m kind of excited about what’s coming! I tend to be optimistic, and when we look at these things over time, they’re improving, meaningfully. So, I think we’re making progress.”
Listen to our full interview with Pavel Gurvich on the Expert Insights podcast.
Listen on Spotify:
Listen on Apple Podcasts:
About Expert Insights:
Expert Insights provides leading research, reviews, and interviews to help organizations make the right IT purchasing decisions.