The global COVID-19 crisis vastly accelerated digital transformation toward more automated, integrated, and AI-assisted business. The explosion in our use of digital tools—and the ramifications for managing and securing those tools—are reflected in our 2021 State of Application Strategy Report.
Applications power the digital economy. Though broadly referred to as digital transformation, it is evident that businesses across industries are dependent on applications to deliver business outcomes. From our 2020 State of Application Services Report: Asia Pacific Edition, organizations are leveraging the public cloud to participate in industry ecosystems, take advantage of cloud-native architectures, and deliver applications at the speed of the business. Yet, most still struggle with security and compliance concerns.
Attackers and fraudsters continually hone and sharpen their capabilities. The result of this is that online businesses are losing millions of dollars each year to fraud, with these losses growing each year. It’s clear that rule-based approaches to fraud detection and prevention have not been relevant or helpful for quite some time. That leaves security and fraud teams looking to AI and machine learning models as the next generation in fraud detection and protection. That being said, with most vendors using the same jargon, what differentiates the different fraud vendors?
The 2020 Phishing and Fraud Report is out now and it’s one of the most comprehensive publications released by F5 Labs. The report combines data from the F5 Security Operations Center (SOC), BrightCloud's Webroot platform, darknet threat intelligence from Vigilante, and features research and insights from F5 and Shape security research teams. Join our webinar to discover the report and the world of phishing.
In this session our experts from F5 Labs and Shape Security will cover tools and tactics leveraged by fraudsters to illegally monetize businesses. There will be in-depth coverage of techniques such as Account Take Over, Collusion Fraud, along with what it takes to build a robust defense mechanism to combat digital fraud, mitigate risk and maximize business outcomes.
Competing for customer loyalty in a digital world is hard. To add to this challenge, leaders must defend the business from motivated adversaries who have evolved their tactics to bypass security defenses and evade detection. Any business that operates e-commerce applications or manages user accounts of value is a potential target and the consequences are significant - account takeover (ATO), fraud losses, and damaged brand to name a few.
We routinely use security technologies such as firewalls to protect all of our applications, not just the most critical ones. Yet when it comes to web apps, there is a tendency to only deploy WAFs where absolutely necessary. As web applications increasingly move to public clouds and container-based environments, there’s an increasingly pressing need to provide across-the-board protection.
For many organizations, building and securing apps has typically been a siloed and complex undertaking. The product owners, developers, and security engineers are coming from different teams with varying sets of resources, skills, perspectives, and expectations. Too often, these teams have priorities and resources that are not aligned. This can create tension, introduce roadblocks, and ultimately impact the business, especially when they all have a stake in the app development process.
The move towards the cloud and SaaS-based service should be not restricted to applications alone. Security services can also be consumed in a self-service manner for application security. SaaS-based WAF protects origin servers on both cloud and on-prem locations and in a way that enables self-services from application owners to integrate into their delivery pipelines..
F5 Labs reports detail that web-based attacks have grown from 2,323 in 2017 to over 20,600 in 2019. The exponential growth of applications has led to a significant increase in the rate of public disclosure of breaches. Traditional methods for security controls are lagging behind the need to deploy production-ready apps for continuous deployment.
The use of automation and bots for attacks have been around from the earliest days of OWASP and web application firewalls. What has changed over the years is the increased exposure to these threats with the increasing use of public clouds and explosion of applications. Malicious actors have also evolved into more sophisticated adversaries as there is a growing financial gain from successful breaches.
Attackers are getting more sophisticated, agile, and more creative. Traditional cybersecurity defenses have been pretty static. Artificial intelligence (AI) and Machine Learning (ML) can be used to detect and analyze cybersecurity threats effectively at an early stage. To match the evolving threats, we explore the industry trends of evolving AI and ML to adapt to the ever-changing landscape.
The cloud has become ubiquitous and synonymous more with deployment patterns than as an application environment. Organizations have also become quite established in their adoption of as-a-Service type models for application and business operational needs. Yet despite the ubiquity of cloud, controls around its use are still not as well understood and governed in most organizational practices.
3. BANKING, FINANCIAL SERVICES AND INSURANCE (BFSI)
COVID-19 has brought uncertainty and reduced profitability to banking, and 2021 will see consolidation and lower appetites for risk. Forrester predicts many banks, traditional and digital, will bite the dust or emerge from 2021 both poorer and leaner. Join this webinar to understand which banking priorities will dominate banking execs’ agenda for 2021 and the technological transformation that will play a crucial role. The session also highlights some elements required to succeed in the transformational exercise and meet the challenges banks will face in the next phase of recovery from the pandemic.
Open banking now an inevitable facet of the future for banks around the globe. In countries where open banking is mandatory, such as Australia, many banks face a steep learning curve to implement an open approach. In Singapore and elsewhere, regulators have taken a more market-driven, organic approach to gradually push the agenda forward. Some banks are embracing open banking as an opportunity while others drag their feet to implement open banking as they see it as a threat.
As the state of banking evolves, banks are no longer the sole provider of financial services. This change in dynamics has been pre-conceived by many stalwarts of the industry. Microsoft founder Bill Gates once made this statement “Banking is necessary, banks are not”. We see this becoming true day by day with entities like Fintech companies entering the market with much lesser operating costs and associated banking regulations. In this webinar-based panel discussion, F5 Networks and Twimbit Pte. Ltd., a tech-driven research and knowledge firm will be sharing the key findings from our recent joint project; research on the State of Open Banking market and trends in the Asia Pacific region.
5G will play a key role to businesses seeking to address the growing customer demand for low-latency and very-high bandwidth product features and service experiences. But 5G requires a new approach to the design and operations of network infrastructures. 5G success depends on specific use-case-based network infrastructure design – and therefore on outcome-based metrics; business service levels; and support for specific stakeholders.
Cloud-native infrastructure is foundational to a Service Provider’s 5G success. The ability to define, manage, and control 5G cloud-native infrastructure enables Service Providers to bring processing power within sub millisecond latency to the edge of the network, opening up a new world of innovation opportunities for customers. In order to provide optimal customer experience, it’s best practice to deploy cloud-native infrastructure based on Kubernetes from the core all the way to the edge and far edge of the network. The challenge is that Kubernetes isn’t natively equipped to meet the visibility, control and security requirements of the teams that manage the infrastructure.
Join us as we provide some insights into customers' investment priorities and architectural patterns for securing their 5G network. We will review some key findings from ENISA's 2019 report of the threat landscape for 5G networks along with Heavy Reading's 2019 5G Security Market Leadership study to highlight where service providers are focusing their planning efforts for 5G security.