Cybersecurity is defined by change: As threat actors evolve their tactics, our security strategies must evolve alongside them. This evolution was the focus of Illumio’s news coverage this month, specifically centering around cloud security and AI.
Keep reading to learn what Illumio’s business leaders and top security experts had to say on these topics:
The new Illumio for Microsoft Azure Firewall integration
Illumio named a top cloud workload protection platform
Why AI-generated cyberattacks can’t be solved by “fighting fire with fire”
Illumio + Microsoft: Modernizing security in the cloud
The integration harnesses Microsoft Azure Firewall's native capabilities to implement Illumio Zero Trust Segmentation (ZTS). It empowers security teams to effortlessly craft and oversee context-based security rules that dynamically adapt to changes within the Azure environment.
Whether they are scaling resources up or down, adding or removing elements, or updating dependencies, users can confidently test and verify the impact of their security policies using a simulation mode, which safeguards applications and workloads from potential misconfigurations or disruptions before the policies are fully deployed.
Ann Johnson, Corporate Vice President at Microsoft Security, said the integration came out of customer feedback and a focus on Zero Trust security for the hybrid cloud: “We are completely ecosystem-focused from the standpoint that we believe that customers will have a variety of solutions in-house that will help them with their security posture. The best thing for us to do is make certain that we are integrated with those solutions, so that customers can have the maximum protection. Zero Trust is a core underpinning of that.”
But Nunez also highlighted that implementing Zero Trust strategies isn’t always easy, especially in the cloud. Johnson acknowledged this, explaining that roadblocks often come from workflow and policy.
“The easier we can make it for folks to actually implement technology to support that change and how they work, the better for the customer and the frictionless environment,” Johnson said.
This is more important than ever for hybrid cloud environments.
Illumio's CEO, Andrew Rubin, emphasized the importance of Zero Trust Segmentation in limiting the impact of ransomware attacks in the cloud, which have posed significant concerns for businesses. He noted that ransomware is indiscriminate and can spread rapidly if not contained, making robust segmentation crucial.
“We need to be protecting the public cloud assets of our customers exactly the same way that we’ve protected their data center and endpoint assets for years,” Rubin said.
Illumio named the best platform for advanced microsegmentation in the cloud
In addition to the new Illumio + Microsoft Azure integration, Illumio’s cloud security leadership was further validated by being named a top cloud workload protection platform in eSecurity Planet.
Maine Basan’s article, What is Cloud Workload Protection? Ultimate Guide, defines cloud workload protection (CWP) as the process of monitoring and securing cloud workloads from threats, vulnerabilities, and unwanted access. It is typically accomplished via Cloud Workload Protection Platforms (CWPP).
Microsegmentation, also called Zero Trust Segmentation, is key to CWP because it divides a cloud environment into smaller, isolated segments, each with its own set of security protections. This bolsters cyber resilience by reducing lateral threat movement across cloud workloads.
“Microsegmentation is consistent with the Zero Trust concept, which requires continuous reverification of connections,” Basan explained. “By separating different parts of your system from one another, CWPP helps to prevent the spread of attacks. If one component fails, the others can keep working properly.”
Illumio Core was chosen as a top CWP because of its sophisticated microsegmentation features that help organizations define fine-grained security boundaries across workloads and stop threats from moving laterally. Illumio Core's advanced microsegmentation capabilities include end-to-end workload visibility across the hybrid attack surface, adaptive security policies, and the ability to stop and contain breaches at their point of entry.
According to Basan, “It is a useful option for protecting cloud workloads because of its capacity to adapt to changing workloads and streamline visibility.”
Why more AI isn’t the solution to fighting AI-powered security threats
AI brings with it an exciting promise of new technologies and applications. But the rise of AI-driven cyberthreats is becoming increasingly evident and poses significant challenges to organizations trying to keep pace with threat actors.
Dearing explained that AI-generated threats are often perpetrated by less skilled individuals, commonly referred to as “script kiddies,” who employ generative AI tools to craft malware.
“Tools like ChatGPT will block harmful requests; however, more malicious versions like WormGPT and FraudGPT are now circulating,” Dearing said. “Organizations are now plagued by the more sophisticated threat groups using AI to explore new attack techniques.”
But Dearing warns organizations against “fighting fire with fire” by deploying defensive AI systems.
“The ability for adversaries to poison and subvert defensive tools means that there's always a risk that AI-powered security solutions will be tricked into overlooking malicious activity. Wider deployment of AI threat detection also means more opportunities for threat actors to understand how tools work and counteract them,” he explained.
Because of these challenges, Dearing recommends organizations use AI “judiciously, just as we use antibiotics.”
This means a new way of thinking for many organizations: “One that moves away from the static, network-based cybersecurity approaches of the past, to a more dynamic approach that applies security controls on a much more granular level based on risks identified,” Dearing said.
The best way to do this? Tightly control the environments AI can access. This limits the “learning surface” available to offensive AI within networks.
Dearing says strategies like breach containment, achieved through Zero Trust Segmentation, can restrict the spread of threats and improve incident recovery. The improved visibility and granular control over resource interconnections provided by Zero Trust Segmentation are essential to proactively preparing for AI-powered threats.
By limiting dependencies to essential communications, organizations can respond swiftly and effectively during AI attacks, reducing the threat's learning capabilities and ensuring the continuity of critical services.