CAMBRIDGE, Mass., Jan. 13, 2022 /PRNewswire/ --
- Government and industry should prioritize investments in tools
and technologies that can help increase visibility of use of open
source, optimally through automated tools.
- Supports strong private-public ownership and vulnerability
management for designated critical open source libraries.
- Calls for improvement of information sharing across government,
industry, and business.
Akamai Technologies, Inc. (NASDAQ: AKAM), the world's most
trusted solution to power and protect digital experiences,
today participated in the White House Open Source Software Security
Summit and released the following statement:
Akamai was pleased to participate in the White House Open Source
Software Security Summit today, and appreciated the opportunity to
share our perspective and recommendations on this important
topic. Improving the security of open source software is
vital, as it is critical to the internet ecosystem. However, the
ability to quickly contain the impact of a vulnerability once it is
discovered is equally significant. This meeting was particularly
timely, given the recent Log4j vulnerability detection. We applaud
the administration's proactive leadership to tackle this important
issue, which, if left unchecked, can have far-reaching negative
impacts for both the government and the private sector.
Akamai asserts that businesses must invest time and resources
into open source software to ensure continued innovation and
security. Akamai has a long history of working with the open source
community and contributing to open standards. This includes work
with the Internet Engineering Task Force (IETF), World Wide Web
Consortium (W3C), Internet Security Research Group (ISRG), OpenSSL,
and the Linux Kernel. We are evaluating how we can expand those
commitments this year.
Akamai advocates for the following five pillars through
continued partnership with our customers — many of which are
leaders in their respective industries — and in collaboration with
the White House, National Security Council, and broader technology
community:
- Increase visibility into reliance on open source
technologies — many companies don't fully know the open
source code that lives in their environments. Only by gaining
visibility into the network and its code stack can we reliably
address security flaws when they occur. Log4j was a black swan
event, but serves as a potent reminder that the government and
private sector need to prioritize investments into tools and
technologies.
- Identify key open source libraries and support strong
ownership and vulnerability management — threat actors comb
open source libraries to find vulnerabilities like Log4j. The
technology community must provide support — via active
participation in projects and financial investment — to the open
source communities we depend on.
- Build reliable containment plans for when exploits are
identified — we are never going to eliminate
vulnerabilities, so it's essential we have effective containment
policies in place to help protect businesses and consumers. We can
accomplish this via actionable reporting processes and supporting
technology solutions.
- Improve cross-government and industry information sharing
when vulnerabilities are first identified — the more eyes
that we can get on a problem, the quicker the problem can be fixed.
By building an information-sharing community of trusted security
providers, we can ensure that vulnerabilities are addressed and
that patches reach wide distribution faster.
- Expand government authorization of solutions to increase
defenses — adversaries evolve quickly, and the government needs
to be agile to ensure its defenses can protect important government
systems and key infrastructure. In some instances, an emergency
authorization of technology from trusted providers would enable
fast implementation of solutions not yet FedRAMP certified to
quickly enable protection against new threats.
About Akamai
Akamai powers and protects life online. The most innovative
companies worldwide choose Akamai to secure and deliver their
digital experiences — helping billions of people live, work, and
play every day. With the world's largest and most trusted edge
platform, Akamai keeps apps, code, and experiences closer to users
— and threats farther away. Learn more about Akamai's security,
content delivery, and edge compute products and services at
www.akamai.com and blogs.akamai.com, or follow Akamai Technologies
on Twitter and LinkedIn.
Contacts:
Stephanie
Fallon
Media Relations
sfallon@akamai.com
617-610-5641
Julie Klein
Public Policy
jklein@akamai.com
703-581-6414
View original content to download
multimedia:https://www.prnewswire.com/news-releases/akamai-comments-on-national-security-council-and-white-house-open-source-software-security-summit-301460914.html
SOURCE Akamai Technologies, Inc.