Top Cybersecurity News Stories From February 2024
Cybersecurity can’t stand still — and that’s never been truer than in 2024. Security industry experts expect it to be another year of increasing breaches and ransomware attacks. Organizations across both the public and private sectors continue to prioritize implementation of the most up-to-date security best practices like Zero Trust and breach containment technologies.
This month’s news featured insights from cybersecurity experts and thought leaders on topics including:
- The limitations of traditional security measures in the cloud
- The best ways for federal agencies to prioritize the adoption of a Zero Trust strategy
- CRN’s recognition of Illumio as a top cybersecurity company to watch in 2024
Traditional security is failing us in the cloud
Organizations are facing a worrying reality as they expand their cloud IT infrastructure: They’re increasingly vulnerable to cyberattacks. According to Vanson Bourne and Illumio’s recent Cloud Security Index 2023 report, 47 percent of all breaches in the last year originated in the cloud. Raghu Nandakumara, Senior Director of Solutions Marketing at Illumio, addressed the risks and solutions to cloud security in his article for Network Computing, “Organizations Left Grappling for Solutions Amid Alarming Cloud Security Gaps.”
According to Vanson Bourne research, 98 percent of organizations surveyed store sensitive data in the cloud yet over half of security leaders perceive their organization’s cloud security postures as weak due to reliance on ineffective traditional security tools.
“The report reflects a sense of helplessness among the respondents,” Nandakumara said. “In the cloud, organizations are one misconfiguration away from having their critical services and data exposed to the internet.”
Nandakumara recommends organizations start by extending a Zero Trust security strategy to the cloud. Today's ever-evolving threat landscape requires proactive measures such as Zero Trust Segmentation (ZTS), also called microsegmentation, to contain attacks and prevent lateral movement. An important first step for implementing Zero Trust technologies like ZTS is getting end-to-end visibility into network traffic, says Nandakumara. This helps teams spot and prioritize security gaps.
Embracing a Zero Trust strategy is not just a theoretical concept but a practical response to the cloud's borderless nature. This approach, rooted in the understanding that security incidents are inevitable, offers a more dynamic defense mechanism.
But security teams can’t go up against cloud security challenges alone. Nandakumara encouraged organizations to break down silos and build closer collaboration, especially between security teams and developers.
“Security isn’t a solitary endeavor,” he said. “Bridging this gap isn't just about improved security measures; it's about fostering a culture where security is a shared responsibility, similar to the partnership organizations have with their cloud providers.”
With these strategies, it’s possible for organizations to reduce security gaps in the cloud and mitigate potential security risks.
Federal agencies: How to prioritize Zero Trust initiatives
Gary Barlet, Federal Field CTO at Illumio and former CIO at the Office of Inspector General for the United States Postal Service, encourages federal agencies to prioritize incremental progress on Zero Trust mandates in his Federal Times article, How to maximize impact in the next phase of zero trust.
Federal Zero Trust mandates, including the Biden Administration's 2021 Executive Order 14028 and Zero Trust strategies released by the Office of Management and Budget and the Department of Defense, highlight the need for agencies to prioritize Zero Trust initiatives. Barlet explains that Zero Trust is a cybersecurity best practice, enabling agencies to proactively strengthen their security defenses and mitigate inevitable breaches from the outset.
“Today’s threat landscape demands a strategy that is not only robust, but adaptable and ready to respond to new and emerging threats with precision,” Barlet said.
Despite the importance of Zero Trust, implementing the new strategy can be challenging for agencies. Barlet acknowledged that many agencies are balancing competing priorities, especially with potentially limited budgets and small IT and security teams.
So how can agencies prioritize Zero Trust requirements despite these challenges? Start with ROI.
“When it comes to reaching critical objectives and accelerating Zero Trust plans specifically in 2024, it’s important for agencies to consider where they can best maximize investments to get the most ROI out of limited cyber resources,” Barlet explained.
He recommends agencies focus on tailoring strategies to their unique cybersecurity journey stages, prioritizing security around critical data sets, and implementing tactical measures such as Zero Trust Segmentation (ZTS). ZTS is a foundational to any Zero Trust strategy, proven to reduce the blast radius of cyberattacks and save organizations millions by limiting unplanned downtime.
By recognizing that there’s no one-size-fits-all for Zero Trust security, agencies can ensure they’re getting as much ROI out of their Zero Trust spending as possible and complying with federal mandates.
Learn more about how ZTS can help your agency build Zero Trust.
Illumio named a top 10 hot cybersecurity company to watch by CRN
CRN highlighted Illumio in their recent list, 10 Hot Cybersecurity Companies You Should Watch In 2024. The list represents companies across the tech industry that are on CRN’s radar as a result of their strong growth and channel investments.
Illumio made the list for cloud security innovation with the launch of Illumio CloudSecure and top security industry hires, including Todd Palmer, Illumio’s new Senior VP of Global Partner Sales and Alliances, and John Kindervag, Creator of Zero Trust and Illumio’s new Chief Evangelist.
Contact us today to learn more about how Illumio can help your organization stop the spread of breaches and ransomware.