Cyber Resilience

Banning Ransom Payments, Zero Trust for Microsoft Azure Firewall, and Recent UK Breaches

As breaches and ransomware attacks continue to impact public and private sector organizations alike, cybersecurity initiatives that bolster cyber resilience are vital. Cybersecurity leaders are advocating for updates to traditional security approaches, including challenging the way we think about cyber responsibility within an organization, adopting breach containment strategies, and implementing Zero Trust security policy to build more robust networks and infrastructure.

This was the focus of Illumio news this month. Keep reading to learn more about this month’s top coverage, including:

  • A federal field CTO’s perspective on the impact of a potential U.S. government ban on ransom payments
  • How the new joint solution between Illumio and Microsoft brings Zero Trust to Microsoft Azure Firewall users
  • Two breaches that impacted important critical services in the UK

A proposed US ransom payments ban could save CISOs from burnout

Gary Barlet, Federal Field CTO at Illumio

A significant shift may be on the horizon with the White House considering a ban on ransom payments. As Gary Barlet, Federal Chief Technology Officer at Illumio, addressed in his recent Harvard Business Review article, "How a Federal Ban on Ransomware Payments Could Help CISOs," this change could shift cybersecurity conversations to the highest levels of corporate leadership, including CEOs, CFOs, and boards. Such a change would broaden cybersecurity awareness and accountability, potentially leading to responsible parties across all aspects of the business being held accountable, not just CISOs.

CISOs are tired. In fact, Barlet cites a recent survey which found that three out of every four CISOs in the U.S. are feeling burned out. They’re feeling the pressure of rising cyberattacks, complex attack surfaces, and constrained budgets. And on top of grappling with resource management, Barlet highlighted that many are assuming dual roles of CIO/CISO in an attempt to streamline strategies and cut costs.  

Unfortunately, when breaches and ransomware attacks occur, CISOs often find themselves automatically shouldering the blame. As Barlet said, they often become the “Chief Scapegoat Officer” for cyberattacks. CISOs are feeling real pressure and stress from this lopsided responsibility. A survey this year found that 62 percent of CISOs are worried that when a breach occurs, they’ll be held personally accountable.

Barlet believes the fairness of holding CISOs solely accountable for security breaches is questionable. Often, breaches result from misconfigurations or lax security practices throughout the organization, yet the blame is quickly shifted to CISOs, leading to a crisis point for cyber leaders.

But this dynamic could soon change with a new ban on ransom payments.

“By broadening the scope of responsibility for cyber and ransomware attacks, CEOs and CFOs will be incentivized to spend more on cybersecurity proactively,” Barlet explained. “Not just when they have to or after a breach occurs, but before a cybersecurity oversight can lead their company to lose data for millions.”

According to Barlet, cybersecurity must become a discussion for leadership across the entire organization, not just for CISOs. It’s evident that the long-standing habit of blaming CISOs for cybersecurity lapses is unsustainable. This paradigm shift holds the promise of fostering greater cyber resilience and cultivating an environment of more equitable cyber responsibility by giving CISOs a more manageable, balanced role in the organization.


Simplify Zero Trust policy enforcement with Illumio for Microsoft Azure Firewall

This month, Illumio launched its joint solution with Microsoft: Illumio for Microsoft Azure Firewall. The new solution was featured in SiliconANGLE’s article, "Azure Firewall gets a security upgrade with Illumio integration."

Get other perspectives on the new solution from articles in EnterpriseTalk, Help Net Security, and IT Brief Asia.

Illumio for Microsoft Azure Firewall aims to enhance security within the Azure ecosystem by extending Zero Trust principles to the firewall. This collaboration provides an innovative approach to visualizing, securing, and managing traffic between Azure resources through the Azure Firewall, ultimately reducing the risk of breaches.


“Illumio for Microsoft Azure Firewall helps modernize firewall policy management by making it easy to enforce Zero Trust,” Narayan Annamalai, General Manager at Microsoft, said.

Important features of Illumio for Microsoft Azure Firewall include:  

  • Zero Trust policy enforcement: The solution establishes a Zero Trust enforcement point, implementing continuous authentication and authorization for access to resources. This approach mitigates potential threats, including those within the network interior.
  • Context-based security rules: Traditional firewall configurations often rely on IP addresses or hostnames, which can be limiting in a dynamic cloud environment. Illumio's solution enables context-based security rules that adapt to shifts in Azure deployments.
  • Application uptime: The service ensures improved application uptime, allowing enterprises to innovate and expand without compromising critical applications. A simulation mode enables security teams to test and validate policies before full enforcement.
  • Consistent, scalable Zero Trust: Illumio for Azure Firewall offers Zero Trust Segmentation controls that minimize the impact of cyberattacks, enhancing an organization's resilience and reducing risk.
  • Visibility and prioritization: The solution provides simplified context-based visibility of communication across Azure Firewall and Azure network security groups. This feature helps organizations prioritize and implement effective security policies.

As organizations increasingly adopt hybrid cloud ecosystems, Illumio for Azure Firewall helps them bolster their security against breaches and ransomware.

The solution is now generally available on the Microsoft Azure Marketplace.

International cyberattacks continue to impact critical services

This month, the UK experienced several significant attacks on critical civilian services, including NHS ambulance service trusts and the UK Electoral Commission. The continued impact of such cyberattacks points to the urgent need for breach containment strategies to stop and contain the spread of inevitable breaches.

Breach halts NHS ambulance service operations: Cyber criminals targeted the UK’s South Western Ambulance Service Foundation Trust (SWASFT) and South Central Ambulance Service Trust (SCAS) this month. Together, the SWASFT and the SCAS serve around 12 million people. While the services said there’s no indication that patient data has been impacted or stolen, they did report that electronic patient records were unavailable during the attack, requiring them to use manual systems. Our Director of Critical Infrastructure, Trevor Dearing, shares his thoughts on the breach in Building Better Healthcare’s article.

Data stolen from the Electoral Commission: On August 8, the UK’s Electoral Commission announced that their systems had been breached. Bad actors reportedly stole data on all registered voters in the UK, including the “name and address of anyone in the UK who registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters,” said the report. UK officials are blaming state-sponsored Russian hacking groups. Our own Gary Barlet chimed in on the impact of the breach. You can read his thoughts in reports from Infosecurity Magazine and Silicon UK.
