Business Continuity - what have we learned so far?

Financial institutions are in the midst of open banking transformation. Many are focused on the core principles, but others are embracing the growth opportunity. We believe it is timely to take stock of progress and share best practices for open banking innovation.

Join Forrester Senior Analyst, Zhi-Ying Barry, for her latest research on open banking and Johnny Yeo, Akamai Enterprise Security Architect, for his technical advice on APIs. Together they will lead an interactive session featuring:

• Insights on the progress towards open banking in Australia
• Reference architectures for delivering, scaling and securing APIs
• Examples of organisations using open banking for innovation

Akamai has deployed JavaScript engines across our platform, creating the most broadly distributed, low-latency, serverless edge computing platform available. With EdgeWorkers, developers can quickly create functions and deploy across our platform. Watch this session to explore more on how you can leverage EdgeWorkers for your web properties.

Key takeaways from the workshop:
- Overview of EdgeWorkers and deep-dive on benefits
- Examples of a few use-cases to get you started
- How to sign up for EdgeWorkers

What a year. As the world adapted to the pandemic lockdowns, criminals did, too. There’s no doubt that many of the changes we’ve seen to the threat landscape are here to stay. Join us for our live webinar as we discuss how:

- Criminals have adapted during the pandemic to take advantage of changes in how we work and function daily
- Increased automation now drives tens of millions of web application attacks a day
- DDoS extortion schemes across Asia Pacific bring threats of business-crippling attacks across industries
- Remote workers are more vulnerable than ever as attackers continue to capitalize on the increased digital risk surface

Don’t miss this chance to review key security learnings of 2020, and prepare for 2021 and beyond. Register now.

2020 has been a unique year in so many ways, and the cybersecurity landscape is no different. Threats vectors and threat actors have rapidly evolved their attack methods to match the changes in the digital risk surface and security teams have had to spend considerable effort to keep pace with new types of threats.

This session will look at key threats organizations faced in 2020, from DDoS and credential stuffing attacks, to attacks on remote working infrastructure, with a focus on extracting key learnings to help security leaders prepare their security strategies for 2021 and beyond.

신용카드 스키밍(skimming)은 오랫동안 보안팀의 도전과제였습니다. 해커들은 물리적 디바이스에서부터 폼재킹, 스크립트 인젝션과 같은 온라인 정보 수집 공격에 이르기까지 웹 보안 시스템보다 앞서 나가기 위해 지속적으로 전략을 발전시키고 있습니다. 최근에 꾸준히 증가하는 스키밍 방식은 애플리케이션에 존재하는 파트너·공급망 써드파티 스크립트를 활용합니다. 앱으로 들어오는 수상한 침입을 차단하는 기존의 방식도 유용하지만, 벌금이 증가하고 대규모 유출이 발생하고 있다는 점을 고려할 때 개인식별정보(PII)가 탈취되는 것을 막을 수 있는 조치를 반드시 마련해야 합니다.

발표 내용은 다음과 같습니다.
Magecart 공격의 역사와 규모
써드파티 스크립트의 증가가 취약점 증가로 이어지는 이유
스크립트 감염 분석 및 대응 방법
Magecart를 효과적으로 방어하는 서비스의 특징
써드파티 스크립트의 상황을 분석하는 데 유용한 팁

발표자는 Akamai Technologies의 신동곤 상무입니다.

Digital identity and customer profiles are at the center of every company's digital transformation. In today's markets, customer identities and personal data associated with them are among the most critical and valuable assets of any enterprise.

This talk explores the pros and cons of in-house CIAM solutions versus commercial CIAM solutions - taking into account changing requirements dictated by resource, technology, innovation, customer experience, security compliance and regulations. It features a range of recent CIAM case studies in Asia Pacific, including the Communications & Media, Energy & Utilities and Consumer Electronics industries.

Our presenters from Akamai Technologies are Manish Upadhaya, Senior Security Specialist and Dawson Sewo, Principal Cloud Security Architect.

「新しい生活様式」のもと経済活動のインターネットへの依存が高まる中で、アカウント情報やカード情報などを盗むWebスキミング攻撃の増加が懸念されています。ウェブスキミング／Magecart 攻撃の手口をを再現デモを交えて明らかにするとともに、Akamaiの開発した最新のWebスキミング対策について解説します。

信用卡数据窃取一直是安全团队面临的一大挑战。从实体设备到在线搜集攻击（例如表单劫持和脚本注入），黑客一直在不断推动攻击策略的发展，企图比 Web 保护程序领先一步。稳步增加的最新数据窃取方法利用了应用程序中存在的合作伙伴和供应链第三方脚本。尽管阻止可疑的应用程序入侵活动的传统方法仍然很有价值，但是大规模的泄露事件和不断增加的罚款使得企业必须立即采取行动，以防止个人身份信息被窃。

参加本次演讲，了解以下内容：
● Magecart 攻击的发展历程和攻击规模
● 第三方脚本的兴起如何造成漏洞增加
● 有关脚本入侵与缓解方法的分析
● 有效的 Magecart 保护服务的属性
● 有关第三方脚本分析的技巧

우리 주변에는 좋은 봇도 있고 나쁜 봇도 있습니다. 나쁜 봇은 DDoS, 웹 애플리케이션 공격, 크리덴셜 스터핑 등 다양한 공격에 사용될 수 있습니다. 반면 좋은 봇은검색 엔진 최적화, 대화형 인터페이스, 서비스 통합과 같은 유용한 비즈니스 기능을 제공할 수 있습니다. 디지털 플랫폼에 API를 도입하고 자동화하는 기업들이 증가하고 있습니다. 따라서 좋은 봇이 제 기능을 할 수 있도록 허용하고 동시에 악성 봇과 관련된 리스크를 관리해야 합니다.

Akamai Technologies, 기술 영업 매니저 한준형 (Chun Han)은 이 발표를 통해 봇의 진화, 봇을 활용한 공격 및 다크웹의 경제를 설명하고 효과적인 봇 관리 방법을 공유합니다. 또한 일부 상용화된 봇이 합법적인 비즈니스로 가장하고 특정 온라인 기업을 공격하는 방법도 자세히 설명합니다. 봇의 작동 방식과 봇 운영자의 의도에 대한 이해도를 높이면 정상적인 고객의 사용자 환경에 영향을 주지 않으면서 빠르게 변화하는 봇 운영자의 기술에 효과적으로 대응할 수 있습니다. 어떻게 대비해야 할지, 어떤 부분을 고민해야할지를 기업과 개인 입장에서 제시합니다.

발표자는 Akamai Technologies의 한준형 상무, Korea Media PreSales Manager입니다.

Our lives have shifted online. Without the ability to see and touch, images and videos are providing the connections to our physical world. Consumers rely on what they can see online before making a buying decision.

But these are also times of limited bandwidth and network overload. Media-rich websites and apps are creating challenges for marketers, visual design teams, and web developers alike. Delivering high-quality images and video with speed and impact is more difficult than ever. Nothing is more frustrating for consumers if they want to zoom in on a detail and all they get is a pixelated, blurry mess.

Imagine all your videos and images delivered in the optimal format, tailored to the screen size of each end user, and always with the best possible visual quality — all without the need to touch your code or your image and video files. And imagine you could do this in a heartbeat across all your websites and apps without having to touch every single one of them.

Too good to be true? In this webinar, we will introduce and demonstrate how Image & Video Manager can be used to:

- Simplify and automate the process of image and video optimisation
- Deliver the right formats, sizes, and visual quality tailored to each end user’s specific browser, device, and network connection in real time
- Decrease page weight by reducing file sizes without quality degradation
- Do all of the above without the need to write complex code and generate countless derivative renditions of your media assets
- In fact, do all of the above without writing any code, generating any derivatives, or making any changes to your digital asset management (DAM)

You’ll also learn about next steps for your free trial of Image & Video Manager.

Retail, travel, and hospitality were among the hardest-hit industries this year. But what was it about those industries that attracted 63% of credential stuffing attacks and 41% of web application attacks in the past two years? The answer is simple: loyalty points.

Our threat researchers discovered alarming security vulnerabilities in these three industries while analyzing our exclusive data up through Q2 2020.

Watch our on-demand webinar, where you’ll learn:

• Common tactics in credential stuffing, web application, and DDoS attacks
• The vast underground marketplace in stolen accounts
• Strategies and tech solutions to protect your customer data
• Simple steps to protect your own loyalty accounts

Speakers:
• Martin McKeay, Editorial Director
• Patrick Sullivan, Sr. Director of Global Security Strategy
• Tony Lauro, Director, Security Technology & Strategy

フィッシングは依然として、組織にとっての大きな脅威です。個人に対してだけではなく、企業に対する脅威として広がっています。そして、このフィッシング攻撃は、攻撃者達が経済的につながって協力し合うエコシステムを形成し始めています。その攻撃の実態、具体的な攻撃手法、そして防ぎ方をご紹介します。

Disposable income. Socially active online. Passionate about gaming. Sound familiar?

For cybercriminals, this combination makes gamers a lucrative target. Add COVID-19 lockdowns to the mix — like Steam’s record-setting day of 24 million players online — and conditions are extraordinarily ripe for attack.

Join us for our upcoming webinar, where we’ll examine the security threats against gamers. Get insights on:
• Attack volumes and seasonal patterns over two years through Q2 2020
• The top web attack vectors in gaming and across all industries
• Gamer perspectives based on a survey of over 1,200 (in partnership with DreamHack)
• How gamers should protect their accounts

Our expert panelists include gamers (including one who has played some version of modded Minecraft almost every day for the past decade). Register to watch today!

Speakers:
• Martin McKeay, Editorial Director
• Steve Ragan, Editor & Security Researcher
• Molly Elise Young, Security Compliance Specialist II

数字身份和客户档案是每个公司数字化转型的中心。在当今市场中，客户身份及其关联的个人数据对任何企业来说都是高度重要、颇有价值的资产之一。

本次演讲探讨了自主开发的 CIAM 解决方案与商业 CIAM 解决方案的优缺点，其中结合了资源、技术、创新、客户体验、安全合规性和法规等因素带来的不断变化的要求。演示中重点分析了亚太地区最近的一系列 CIAM 案例，涉及通信与传媒、能源与公用事业和消费类电子产品行业。

From astronomical spikes in attack numbers to new markets for illegal access, COVID-19 has had a major impact on account takeover attacks against the media industry.

Join Akamai security experts as we explore trends that surfaced in the 2018–2019 data, and how they exploded in 2020. Security professionals: Don’t miss this on-demand webinar. These new discoveries about credential stuffing are critical — no matter what industry you’re in.

Speakers:
• Martin McKeay, Editorial Director
• Steve Ragan, Editor & Security Researcher
• Patrick Sullivan, Sr. Director of Global Security Strategy

정교하고 자동화된 최신 공격 기술이 등장하고 유출된 인증정보가 광범위하게 사용되면서 크리덴셜 스터핑은 많은 기업들에게 리스크가 되었습니다. 크리덴셜 스터핑은 가장 효과적이고 수익성이 높은 웹 사기 중 하나입니다. 또한, 신속하고 정교한 크리덴셜 스터핑 공격은 기업의 매출, 생산성, 평판을 저해할 수 있습니다.

최신 공격 패턴과 이를 방어할 수 있는 방법에 대해 알아보시기 바랍니다.

발표 내용은 다음과 같습니다.
크리덴셜 스터핑 공격의 특징과 기업이 직면한 일반적인 봇 탐지 문제
현재 아시아 지역의 리테일, 금융, 기타 산업 전반에 걸친 크리덴셜 스터핑 공격 사례
점점 정교해지는 공격을 방어하는 방법

발표자는 Akamai Technologies의 한준 부장입니다.

While security vendors often talk about financial costs in terms of brand damage and lost revenue, quantifying the actual economic impact from a security solution can be a daunting task.

Akamai commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study, interviewing Akamai customers on their experiences with Akamai edge security solutions, including DDoS protection, web application firewall, bot management, secure web gateway, and secure application access.

The result is a repeatable methodology for any organization to calculate security benefits in terms of revenue protection, decommissioning legacy security products, reduced hardware spend, and security FTE savings.

Join this live webinar with guest speaker Bob Cormier, vice president and principal consultant at Forrester Consulting, and Renny Shen, director of product marketing at Akamai.

At the end of the webinar, you will have a good understanding of the methodology used and how to apply this with an interactive calculator to evaluate the potential financial benefits your organization can realize.

Agenda:

• Akamai edge security products overview
• Forrester Research TEI methodology
• Key findings
• Financial benefits summary
• Q&A

パンデミック対策によるとテレワークの急増から、企業のアタックサーフェス（攻撃面）は拡大し、IT管理の複雑さが生じています。この動画では、アカマイ自身の経験をもとに、テレワークにすぐに役立つ考慮ポイントとその実践的な技術をご紹介します。

僵尸网络可能是良性的，也可能是恶意的。恶意爬虫程序可用来发起各种攻击，从 DDoS、Web 应用程序攻击一直到撞库。另一方面，良性的爬虫程序可以提供合法的业务功能，例如搜索引擎优化、对话界面和服务聚合。随着企业在其数字平台中引入更多的自动化机制和 API，他们需要允许良性的爬虫程序正常工作，同时也要管理与恶意的爬虫程序相关的风险。

在这次演讲中，Akamai 安全专家将带您了解撞库攻击中的恶意爬虫程序带来的暗网经济，并探讨有效的爬虫程序管理方案。他还会谈到一些商业化的爬虫程序操纵者如何伪装成合法企业，并针对特定在线品牌发起攻击。通过更好地了解爬虫程序的工作原理以及爬虫程序操纵者的动机，您可以有效抵御爬虫程序操纵者快速发展演进的技术，同时保证不会影响合法客户的用户体验。