Adaptive Segmentationmicro-segmentation August 1, 2022

Averting Cyber Disasters, Cyber Resilience Strategies, and Zero Trust Mistakes

Charlie Bedell, Senior Content Marketing Specialist

Research has proven that Zero Trust security is one of the best ways to protect against modern cyberattacks. Security leaders are now urging organizations to use Zero Trust to achieve cyber resilience. But what is the right way to implement it?  

This question plagues many security teams and was the emphasis of this month’s cybersecurity news.  

ESG research confirms Zero Trust Segmentation increases cyber resilience 

VentureBeat reported on new ESG research commissioned by Illumio on Zero Trust in their article, Report: Orgs with Zero-Trust Segmentation Avoid 5 Major Cyberattacks Annually.  

The Zero Trust Impact Report found that organizations leveraging Zero Trust Segmentation avert five major cyberattacks annually and save more than $20 million in downtime costs. This shows that Zero Trust is one of the best security strategies for managing the risks of cyberattacks and increasing cyber resilience.  

VentureBeat ties the growing impact of Zero Trust to accelerated digital transformation which has created hybrid, hyper-connected networks. Organizations are left increasingly vulnerable to cyberattack, especially when legacy, perimeter-based security tools no longer protect today’s dispersed IT environments.  

“This surge in connectivity and growing hybrid complexity has led to a dramatic uptick in the number of vulnerable endpoints (i.e., laptops) and a widening attack surface,” VentureBeat said. 

In fact, 76% of organizations have experienced a ransomware attack and 66% have experienced at least one software supply chain attack in the last two years alone. However, VentureBeat highlighted the report’s findings that nearly half of security leaders do not believe they will be breached – despite the mountain of evidence saying otherwise.  

The report also found encouraging news: 90% of organizations are planning to advance their Zero Trust initiatives in 2022. And 81% of organizations agree that Zero Trust Segmentation plays a critical role in accelerating Zero Trust efforts. These statistics were particularly surprising to VentureBeat as they highlight the gap that remains between Zero Trust implementation and full adoption of Zero Trust’s core tenet of “assume breach.”  

“In short, the report is the latest to demonstrate that Zero Trust, and specifically Zero Trust Segmentation, are modern strategies to reduce risk and increase cyber resilience as the threat landscape continues to grow and evolve,” explained VentureBeat.  

Don’t wait to start your Zero Trust journey 

Illumio CTO and co-founder, PJ Kirner, discussed Zero Trust Impact Report findings and how organizations can achieve cyber resilience with Zero Trust in his interview with TechStrong TV

Kirner’s key message to security teams was to start now. Breaches will happen, and having a Zero Trust security strategy in place will protect against cyber disasters.  

Watch his interview: 

PJ Kirner, Illumio | RSA Conference 2022 from Digital Anarchist Network on Vimeo.

Protecting critical infrastructure with proactive cybersecurity strategies  

Illumio’s Federal Director, Mark Sincevich, wrote Zero Trust Bolsters Our National Defense Against Rising Cyber Threats for Dark Reading this month. He addressed the U.S. Federal government’s continued focus on cybersecurity to protect critical infrastructure and build cyber resilience from the inside out.  

“The Colonial Pipeline and JBS attacks, among others, showed us that our national resilience is only as strong as public-private sector collaboration,” said Sincevich. “And as ransomware attacks remain the norm, new collaborative strategies and programs are underway to build and foster cyber resilience.”  

Sincevich wrote that the Federal government continues to take steps in the right direction, with recent cybersecurity initiatives including: 

Despite these positive initiatives, more needs to be done to build national cyber resilience. Sincevich recommends implementing a Zero Trust security framework based on President Biden’s May 12 Executive Order 14028, “Improving the Nation’s Cybersecurity,” which directed “the immediate need for federal agencies to implement Zero Trust to bolster national cyber resilience.” 

In particular, he emphasized microsegmentation as a key component of Zero Trust security. Zero Trust assumes breaches will occur, and microsegmentation stops the spread of those attacks when they happen. As a result, it reduces the network’s attack surface by breaking down internal infrastructure into smaller segments. This helps keep breaches from disrupting the supply chain and halting critical infrastructure functions.  

“A proactive cyber strategy, coupled with increased public-private partnerships and adherence to strong cyber hygiene practices, are critical components of bolstering our national cybersecurity posture,” said Sincevich. 

Zero Trust implementation mistakes to avoid 

Over the past two years, more sophisticated cyberattacks, accelerated cloud adoption, and a shift to remote and hybrid work have prompted organizations to turn to a Zero Trust security strategy to protect their networks.  

But as Network World highlights in their article, 5 Mistakes to Avoid When Implementing Zero Trust, the resulting hype around Zero Trust technologies has caused confusion about what Zero Trust is and how to implement it.  

According to Forrester, “Fake news propagated by security vendors about Zero Trust caused confusion for security pros.” 

Network World’s article highlights five mistakes organizations should avoid when implementing a Zero Trust security strategy – and how to resolve them. 

  1. Assuming Zero Trust means ZTNA: Zero Trust Network Access (ZTNA) is a Zero Trust strategy, but it does not achieve Zero Trust alone, according to Network World. While ZTNA is based in Zero Trust principles, Network World recommends a foundation of Zero Trust Segmentation to isolate sensitive data and systems to reduce the spread of a breach. 
     
  2. Confusing Zero Trust with a product: There are many tools and products that can help organizations implement a Zero Trust strategy, but these tools aren’t the strategy itself. Network World says to ignore the labels and look for products with capabilities tied back to the fundamental principles of Zero Trust.  
     
  3. Assuming you can achieve Zero Trust without basic security hygiene: Deploying tools isn’t enough to achieve Zero Trust – or protect your network. Organizations must get visibility into communication flows, especially areas within infrastructure where protection is based on some form of trust, according to Network World.
     
  4. Having poorly defined user access policies: Security and IT administrators must have a clear understanding of who needs access to what before making user access policies, says Network World. Without this, Zero Trust’s core tenet – least-privilege access to the network – cannot be achieved, leaving the network open to vulnerabilities.  
     
  5. Neglecting the user experience: Zero Trust security can have a major impact on end users. Network World cautions security teams about implementing Zero Trust initiatives without first preparing users for the change.  

Overall, Network World emphasizes that Zero Trust is a security approach rather than a product, platform, or one-off fix. Zero Trust encompasses a variety of strategies, helping security teams have an action plan to prepare for breaches that inevitably access the network.  

Get more information on Illumio and Zero Trust Segmentation: 

Adaptive Segmentationmicro-segmentation
Share this post: