Author: Jason Mehta, Partner Specialist – F5 Networks, CDW Canada
I recently had the pleasure of attending F5’s Agility 2021, which is an annual conference that F5 hosts for partners and customers. This event is one I look forward to each year, as it brings together the latest innovations in application security, DevOps and infrastructure. Attendees learn how to weave security into every part of their application infrastructure and optimize their performance in multi-cloud environments.
Agility offers educational sessions covering solutions from 5G, access and authorization, app performance, security and troubleshooting, to managed services, multi-cloud management and online fraud protection. There was a lot of great content throughout the event, however I will focus on the top sessions I attended in this blog.
Keynote: Security and the Future of Adaptive Applications
Due to the pandemic, we’re seeing digital transformation accelerate with applications. For example, in 2020 we saw that remote working increased usage by 275% through Teams and WebEx1. Additionally, the amount of time spent using finance applications increased by 45%1, as people were no longer going to the bank branch in person. Similarly, F5 Networks saw an increase of 75% in the number of customers1 who have virtualized their workforce. Because of this, cybercrime is expected to cost $6 trillion globally1, with automation, sophistication and the scale of attacks increasing compared to previous years. Security is not just a perimeter issue anymore, it also now applies to the cloud and modern apps.
According to F5, nine out of ten organizations have a mix of traditional and modern applications1, where multiple vendors, time to market pressure and tool sprawl all affect customer experience. In addition to customer experience, the toil of manual stitching is another challenge, as 40% of organization’s time is spent on toil1.
What Breaches Teach Us
This second session examined some of the trends in cybercrime today, looking at data spills, breaches and thefts, as well as the risk equation, which equals threat x vulnerability x cost. It also emphasized the fact that cybercriminals are always one step ahead of us, and that we always need to be prepared. One area of focus in this session was on the importance of good password hygiene, as employees are recycling passwords by changing only one or two characters from their existing password, which allows for easy hacking.
It’s common to find in most businesses that they will respond to a threat only once it is materialized. To survive in this decade and beyond, it is beneficial to have a system that takes a zero-trust approach. As referenced in our 2021 CDW Security Study, unlike traditional perimeter security architectures, which trust all individuals and applications inside the perimeter, zero-trust architectures trust no one on either side. Identity and access management is a critical component of zero-trust architectures
The Role of Security in Digital Transformations
While the workforce shifted to remote work due to the pandemic, hackers did as well. I attended a panel discussion which discussed how the pandemic has accelerated the rate of digital transformation so dramatically, that organizations have made five years of progress in a little more than 12 months. With this change happening so quickly, we are met with new challenges in application security, resource optimization and more.
During this panel session, Gail Coury, SVP & CISO at F5 Networks, shared one interesting story where the US Government was experiencing fraudulent and credential stuffing attacks, which was largely due to individuals using the same passwords across several applications. The organization deployed Shape by 17 agencies to secure and remediate the credential stuffing attacks. Dave Estlick, CISO at Chipotle Mexican Grill, shared some cyberattacks as well, including digital loyalty programs, automated bots and account takeovers, which are common threats for retailers. The panelists also discussed the topic of misinformation during the pandemic, and the many COVID-19 frauds and scams that have been reported.
Hackers today utilize several automation tactics to directly monetize and probe for vulnerable areas. It is important that build a foundation around AI security controls, have the ability to reroute traffic when attacks are happening and to have managed security services in place due to how fast hackers are moving today.
Overall, this year’s Agility was both enjoyable and informative, and brought forward three key takeaways for attendees:
- Application security will be the security challenge of the decade, due to growth in cyberattacks against applications in the enterprise
- There is a growth in modern application environments, with highly distributed applications leveraging container environments
- The edge will become increasingly important for applications of all types
If you are interested in learning more about the application security, edge computing, adaptive applications or any of the other topics discussed in this blog, please visit cdw.ca/solutions or contact your account team.
- Source: “Security and the Future of Adaptive Applications”. F5 Agility 2021 conference, F5 Networks (April 20, 2021), virtual. Keynote Address.