Illumio Blog
November 13, 2018

What Happens When the U.S. Starts to ‘Defend Forward’ in Cyberspace?

Head of Cybersecurity Strategy

Jonathan is a seasoned cybersecurity strategist. He's been at the forefront of international security policy and now leads Illumio's public cybersecurity policy engagements and research.

This article was originally published on defenseone.com

A couple of weeks ago, the U.S. Defense Department took the first step in executing its new “defend forward” doctrine in cyberspace. The Pentagon telegraphed this step in its new cyber strategy, which told Russia, China, and others that if they continue to conduct cyberspace operations against U.S. interests, the U.S. will push back by targeting their military cyberspace infrastructure and disrupting their operations.

Read more »

cybersecurity

November 7, 2018

It's a Bird, It's a Plane, It's...Supercluster!

Director of Product Management

Tim is an accomplished product management leader with 16 years of experience in enterprise software and networking. He leads platform product management for Illumio Policy Compute Engine.

Large organizations often have data centers located in different geographic regions. Distributed data centers allow these organizations to locate their applications close to their customers and employees, comply with data residency requirements, and provide disaster recovery for their critical business applications. The adoption of public cloud is making it even easier for organizations of all sizes to distribute their workloads across multiple regions. For example, AWS now spans 18 geographic regions around the world.   

We’re excited to introduce PCE Supercluster to provide full visibility, centralized and federated management, and consistent enforcement of micro-segmentation policies across multi-region infrastructure – at very large scale. This post explores the key requirements for securing multi-region infrastructure and why we designed PCE Supercluster with a federated architecture. 

Read more »

cybersecurity

November 5, 2018

[Key Takeaways] Assume Breach: Best Practices in Cyber Resilience

Head of Cybersecurity Strategy

Jonathan is a seasoned cybersecurity strategist. He's been at the forefront of international security policy and now leads Illumio's public cybersecurity policy engagements and research.

It is not a question of if but when an organization or an individual will be breached in cyberspace. If you believe that, you have taken the most important cognitive step – you are prepared to “assume breach” and build resilience to withstand a cyberattack.

But if you assume breach, what does it mean for how you think about security investments in people, processes, and technology? More importantly, what strategies should your organization employ to become secure beyond breach? On October 24, 2018, Illumio convened a group of cybersecurity strategy and technology leaders in Washington, D.C., to discuss the assumption of breach and identify best practices in cyber resilience. 

Below is a summary of key findings from the day. For those interested in hearing all these smart people talk, stay tuned for the videos. 

Read more »

cybersecurity

October 29, 2018

Law Firms Need to Assume Breach — And Invest Accordingly In Internal Defenses

Head of Cybersecurity Strategy

Jonathan is a seasoned cybersecurity strategist. He's been at the forefront of international security policy and now leads Illumio's public cybersecurity policy engagements and research.

This article was originally published on law.com

The thought of a cyberattack strikes fear into the hearts of law firms every day. Yet rarely do partners take the necessary step back and ask: why are breaches having such an impact? The answer is simple — and so is the solution.

Read more »

cybersecurity

October 26, 2018

4 Ways Law Firms Can Defend Against Cyberattacks

Head of Cybersecurity Strategy

Jonathan is a seasoned cybersecurity strategist. He's been at the forefront of international security policy and now leads Illumio's public cybersecurity policy engagements and research.

This article was originally published on legalitprofessionals.com

Law firms face constant threats in cyberspace. They hold a treasure trove of sensitive data that’s attractive to everyone from homegrown hackers to hostile nation-state actors, and according to the American Bar Association 2017 Legal Technology Survey, 22 percent of law firms experienced a cyberattack in 2017 (up from 14 percent in 2016). Following a breach the global average “dwell time” for an intruder to remain inside an organization is 191 days. The most infamous law firm hack to date was the breach of the Panamanian law firm Mossack Fonseca, which ultimately led to the firm’s closure.

Some firms are taking proactive measures to secure themselves and their clients’ data, but many need to improve their approach. The goals of a cybersecurity strategy are broadly understood – prevent data loss and disclosure. But where do you start, how will it impact you at the organizational level, and what technology investments need to be made? 

Read more »

cybersecurity