As we continue through Cybersecurity Awareness Month, we thought we’d bring you a few of our favorite cybersecurity best practices and takeaways courtesy of some of the brilliant industry experts featured on Season 1 of Illumio’s The Segment: A Zero Trust Leadership Podcast.
As organizations increasingly look to advance cyber resilience objectives, maximize ROI, and accelerate Zero Trust journeys, here are a few of the top tips that have stuck with us from leaders at Microsoft, IBM, Cylera, AWS, and more.
1. Zero Trust is a journey. You have to start small.
According to Greg Tkaczyk, Executive Consultant at IBM Security, who was featured on episode 5 of The Segment alongside coworker Stephan Corragio, Managing Partner at IBM Security, “Zero Trust is a journey... The focus has to be on continuous and incremental improvement that's measurable. And not big bang implementations that are going to disrupt the business."
Ryan Fried, Senior Security Validation Consultant at Mandiant (formerly Senior Information Security Engineer at Brooks Running) concurs. On episode 10, Ryan shared his own practitioner perspective on starting small and making incremental progress towards Zero Trust:
"In almost everything we do, we think about how we can go towards Zero and also Zero-ish Trust,” Ryan explained. “Actual Zero Trust is really hard to do, and I think it's really intimidating. When I first thought about Zero Trust, I thought about being able to allow less server-to-server communication, which really scares me, and it's really production-impacting. But for instance, what we're talking about is microsegmentation from a Zero Trust perspective. What is the best bang for our buck that we're going to get with being the least disruptive?"
Illumio Co-Founder and Advisor PJ Kirner (our guest on episode 6 of The Segment) further validates Greg’s and Ryan’s assertions that making progress on Zero Trust is what’s most important — and that journey looks different for everyone.
“You don't buy Zero Trust. There's not a single vendor that just you go buy it from, and you go check the checkbox. There is a journey that you're going on. That's what it is. It is strategy. You have to discover what's out there."
2. Visibility is paramount to cyber success
As more organizations look to advance their Zero Trust progress amidst hypercomplex, hyperconnected multi-cloud environments, visibility becomes essential.
Ann Johnson, Corporate Vice President for Microsoft Security Business Development, shared on episode 12 that, "The biggest problem CISOs still tell me today is visibility. So how do you see that something truly bad is happening in your environment, detect it super quickly and stop it from doing damage?"
Stephen Corragio, Managing Partner at IBM, shared his own take on how visibility continues to come up in conversations with clients on episode 5: “...back in the day it was around protecting everything, encrypting everything, and really making sure that we scan everything in an environment. Now when we talk to clients, it's around how do we make sure that we are truly looking after the most important things in our environment, making sure that those are properly protected, controlled. We have visibility, we're monitoring that, and then we're responding to threats in those particular environments versus trying to boil the ocean in everything that we do.”
In other words, everything today — from prioritization, to remediation, to vulnerability management — starts and ends with visibility.
3. Better late than never: Organizations have to start assuming breach
Richard Staynings, Chief Security Strategist at Cylera, shared on episode 11 that, “[Cyber resilience] is about sustaining an attack. Knowing that you're going to have one, sustaining the attack, having business continuity measures in place that are well practiced and incident response measures in place that are well practiced so that you can continue the business, even if it's just on a trickle level. And you can keep your customers relatively satisfied while you clean up and restore. And that requires high levels of resiliency in your architecture, your application, your infrastructure and so much more.”
In other words, assuming breach translates to preparedness, which in turn results in business continuity and resilience.
Illumio’s Gary Barlet, Federal Field CTO, explained on episode 8 that, "the future of Zero Trust is going to be about... going back to assume breach... trying to get things down to the smallest piece possible. You talk about securing data, at the data element level. You're talking about securing applications at the application level, and at the individual piece, we get into microsegmentation of the individual pieces of an application. Trying to draw that ring of defense as small and as close to the source as possible, as opposed to the traditional, let's just draw big circles and try to prevent anybody from getting through the big circle, right. And doing it in such a way that it's layered, so that it really makes it difficult for adversaries to get in."
As the experts say, Zero Trust is all about progress over perfection. And every organization’s Zero Trust journey differs. But as you look to advance your own Zero Trust strategy and build resilience within your organization, make sure you’re starting with assume breach, prioritizing end-to-end visibility, and focusing on making incremental progress on your Zero Trust goals. After all, the enemy of progress is perfection.
Make sure your organization is prioritizing cyber awareness and remaining resilient all year-round! Contact us today for a free consultation.