47 percent of data breaches originated in the cloud in the last year alone. It’s clear that we’re in an era of rampant cloud breaches. Now, organizations must pay attention to how they’re safeguarding business operations and sensitive information in the cloud.
In a recent webinar, Tony Bailey, Product Marketing Director at Illumio, and Jeff Stauffer, Senior Technical Product Manager, discussed why Illumio recently launched the new cloud application and workload security solution, Illumio CloudSecure.
Watch the full webinar here, and get a quick glimpse into the webinar below:
In this blog post, get a recap of their discussion, including why you need to extend Zero Trust Segmentation to your cloud environments now and how Illumio CloudSecure can help.
Organizations face pressing cloud security challenges
Illumio CloudSecure is a much-needed antidote for the state of cybersecurity in 2023 and onward. In fact, research by Vanson Bourne found that nearly half of all breaches in the past year originated in the cloud.
“Security leaders and our own customers are saying they’re seeing a lack of visibility into the connectivity between their public cloud applications and workloads,” said Bailey. “It’s quite a challenge for them.”
Vanson Bourne’s report highlighted that cloud visibility is the top concern for IT and security decision-makers:
95 percent say better visibility into connectivity from third-party software is a necessary improvement to their organization’s cloud security.
46 percent don’t have full visibility into the connectivity of their organization’s cloud services, increasing the likelihood of unauthorized connections.
Over 30 percent say the lack of visibility both across multi-cloud deployments and within a single cloud provider are main threats to their organization’s cloud security.
Organizations are finding that traditional security approaches don’t work in the cloud. This is resulting in significant cloud security gaps and blind spots.
Bailey acknowledged that it’s difficult to get visibility and proactively apply security controls in the public cloud: “Applications and workloads are constantly spinning up and down as things scale up and scale down.”
3 Zero Trust Segmentation benefits for the cloud
Organizations are looking for cloud security solutions that are flexible, dynamic, and scalable enough to secure ever-changing cloud environments. Zero Trust Segmentation (ZTS), also called microsegmentation, fits these needs.
ZTS is foundational to any Zero Trust architecture and one of the best ways to build cyber resilience in the cloud. Unlike prevention and detection technologies, ZTS contains the spread of breaches and ransomware across the hybrid attack surface. This is achieved by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.
Bailey highlighted the 3 pillars of Zero Trust Segmentation’s benefits for cloud environments.
1. See exactly what’s happening in the cloud
“Oftentimes, having complete visibility is seen as nice to have, or a luxury,” Bailey said. “But with ZTS, it’s really, really critical.”
ZTS delivers end-to-end visibility into cloud environments by mapping traffic flow telemetry along with contextual labels to see what exactly is connected in the cloud. This in turn helps security teams see where security gaps hide and where segmentation policies need to be put in place.
Bailey provided the example of seeing where an application is running in a VM or container and how it's communicating with the network at any moment in time. This kind of visibility is nearly impossible to achieve with traditional visibility approaches and ensures security vulnerabilties get addressed and closed as soon as possible.
2. Leverage cloud visibility to gain traffic insights
End-to-end cloud visibility helps security teams to choose which policies to implement and how those policies need to control application and workload communications.
“At the end of the day, trusted communications between your applications and workloads is key,” Bailey explained.
In a threat landscape where cyberattacks are unavoidable, it’s vital that organizations are proactively preparing for cloud breaches and ransomware attacks. Getting complete visibility helps teams prioritize where that preparation needs to happen.
3. Block unnecessary communication and connectivity
Cyberattacks’ tactics are always evolving. When breaches inevitably happen in the cloud, ZTS stops and contains their spread.
“Organizations can contain those attacks by leveraging Zero Trust Segmentation to block any unnecessary communications connectivity,” Bailey explained.
See Illumio CloudSecure in action
Illumio CloudSecure helps organizations extend ZTS to the public cloud.
Agentless and easy to set up, Illumio CloudSecure can immediately provide valuable insights into cloud workload connectivity and give you the ability to quickly adapt and set up policies that scale with your environment.