Each month, organizations report an increasing number of ransomware attacks and breaches. The growing transparency about cyberattacks is encouraging, showing more cybersecurity professionals are recognizing that breaches are inevitable. But it also demonstrates the true magnitude of cyber threats faced by organizations of every size, industry, and geography.
It’s time to build resilience against today’s complex ransomware and threat landscape. Traditional prevention and detection are no longer enough to keep breaches from happening – or to keep them from turning into cyber disasters. Breach containment is a proven path forward.
This topic was the focus of Illumio’s news coverage in June, including:
Breach containment discussions at Infosecurity Europe 2023
Why energy providers must assume breach and build cyber resilience
Increasing cyber threats for higher education institutions
Keep reading to learn more.
Breach containment: A key talking point at Infosecurity Europe 2023
Infosecurity Europe 2023 was held in London this month, and breach containment was a major discussion at this year’s conference. In the ever-evolving world of cyberattacks, breaches are inevitable, and organizations are focusing on ways to contain breaches when they happen to prevent catastrophic consequences.
The article spotlighted Illumio’s Strategy Talk on June 22 at Infosec. The session featured Raghu Nandakumara, Illumio's Head of Industry Solutions, and renowned cybersecurity experts from Bishop Fox. Together, they explored the effectiveness of breach containment and shared insights on how organizations could achieve more tangible results.
Key takeaways from the Strategy Talk included:
Reducing security risk: Illumio's breach containment strategy empowers organizations to proactively reduce the risk of cyberattacks and breaches. By implementing robust security measures, potential threats are isolated and prevented from spreading, minimizing the impact on critical systems and data.
Stopping ransomware: Ransomware attacks have become increasingly prevalent and damaging. Illumio's approach helps organizations effectively combat ransomware by containing the attack and preventing it from spreading across the network. This containment limits the damage caused and enables a swift recovery process.
Maximizing ROI: Traditional security investments often lack visibility and fail to demonstrate their effectiveness. Illumio Zero Trust Segmentation (ZTS) offers breach containment with measurable ROI by focusing on outcomes that contribute to an organization's resilience. This ensures that money spent on security yields tangible results.
Dearing discussed the importance of strengthening cyber resilience in the energy sector in light of the Colonial Pipeline ransomware attack and the harrowing profitability of denying access to energy services. In fact, the ransomware gang responsible for the Colonial Pipeline attack received a $4.4 million ransom, making the breach the most-costly ransomware attack on the energy sector to date.
To cope with the security risks facing the energy sector, Dearing emphasized that energy providers must adopt an "assume breach" mindset. He goes on to outline four key strategies to enhance cybersecurity postures:
Integrating innovation across security programs: Operators should move away from the outdated air-gapped model and focus on integrating security systems with modern assets. This allows for Zero Trust Segmentation (ZTS), also called microsegmentation, and prevents attackers from moving freely within the network.
Thoroughly assessing and mapping network infrastructure: As energy providers collect more data and face increasing demand, it's crucial to have a comprehensive understanding of the network. Protecting individual resources and assets separately through ZTS is essential to prevent breaches from spreading.
Alleviating the strain on security teams: The talent shortage in cybersecurity poses challenges for energy providers. Leveraging third-party expertise, such as managed service providers or vendor-aligned experts, can help compensate for resource and knowledge gaps.
Segmenting network assets: With IT and OT networks becoming more interconnected, energy providers need to prioritize separating different parts of the infrastructure. By implementing a Zero Trust approach, threats can be contained, and the impact of breaches minimized.
An "assume breach" mindset backed by breach containment is crucial for energy providers to protect their assets effectively. Containment solutions like Illumio ZTS help stop the spread of breaches when they inevitably happen, mitigating cyber disasters and allowing security teams to maintain business operations despite an attack. In fact, a recent ransomware scenario emulation conducted by Bishop Fox found that ZTS stops breaches from spreading in less than 10 minutes, nearly four times faster than detection and response capabilities alone.
Breach prevention and detection alone are not enough in the face of sophisticated cyber threats. It’s time for the energy sector to embrace modern breach containment strategies to be better prepared to survive breaches.
Higher education institutions are a major target for ransomware and breaches
James Coker with Infosecurity Magazine reported that the UK’s University of Manchester experienced a cyber incident that resulted in unauthorized access to its systems and likely data copying. Patrick Hackett, chief operating officer at the university, confirmed the breach in a statement published on June 9, 2023.
The ransomware attacks on universities and educational institutions have been increasing in recent years, with each incident averaging over £2 million to remediate, according to research conducted in 2022.
For example, Coker highlighted the impact of ransomware on Lincoln College in the United States. The college was forced to close its doors when an attack by ransomware gang Vice Society compromised critical data. Coker said the group has been actively targeting the education sector across the U.S. and Europe.
Coker cited security expert Raghu Nandakumara, Senior Director of Industry Solutions at Illumio, who praised the University of Manchester for its transparency and proactive approach in notifying and engaging the authorities.
“If data is found to have been compromised, then the potential impacts could be huge,” said Nandakumara. “Not only do Universities have a huge raft of personal data on students and staff, but they also conduct valuable sensitive research and have a variety of technology and devices connected to the University network which increases attack exposure.”
The ransomware attack on the University of Manchester is another example of the inevitability of cyberattacks – and the impact attacks can have on higher education. Universities' data is available, and university authorities must take prompt action against cyber threats.
Breach containment strategies are one of the best ways for higher education institutions to achieve cyber resilience. While prevention and detection tools are important, today’s complex breaches are still making their way into the network. By implementing containment solutions like Illumio ZTS, colleges and universities can stop the spread of breaches and contain the damage so that operations may continue despite a breach.