Tom Ruff, vice president of public sector at Cambridge, Massachusetts-based content delivery network and cloud services provider Akamai Technologies (Nasdaq: AKAM), has said government agencies should establish a comprehensive “defense-in-depth strategy” to protect networks from distributed denial-of-service attacks, cross-site scripting and other cyber threats.
Ruff wrote such a strategy seeks to advance the use of adaptable and agile technology platforms to defend networks and internet-connected devices against security threats as well as “set security policy at the edge of the network versus solely in the data center.”
He also discussed the network segmentation process and its potential benefits to agencies’ efforts to ensure the security of networks and applications.
Ruff also cited the need for agencies to implement a consolidated process when it comes to web application security and tackled the requirements of such an approach.
Those include the adoption of apps with built-in security; the need to carry out penetration and vulnerability testing; use of scalable technologies to build up resiliency; implementation of technologies that work to track users’ access to apps; and deployment of application firewalls.
He also called on agencies to facilitate information sharing with other government institutions and industry.