Top Cybersecurity News Stories From August 2024
Security teams in both the public or private sector are struggling with the challenge of using new cybersecurity technology while dealing with ongoing security threats.
This puts teams in a difficult situation. While new technology can make defenses better, it can also bring new risks. That’s why it’s more important than ever to get ready for possible breaches and ransomware attacks.
This month’s news covers what cybersecurity experts are talking about:
- Why AI and automation are big issues for government security
- How recent breaches in UK local governments show hidden problems
- Why Illumio is a Leader in a Forrester Wave™: Microsegmentation Solutions, Q3 2024
Government cybersecurity concerns: AI and automation
Gary Barlet, a principal solutions architect for the public sector at Illumio, recently talked with MeriTalk about the current state of government cybersecurity in Cyber Defender Q&A: Illumio’s Gary Barlet on Pain Points, AI, and Zero Trust.
When talking about AI, Barlet mentioned that while attackers might use AI to make their attacks stronger, AI also has a lot of potential to improve cybersecurity. He said, “We’re getting closer to AI actually helping IT security and living up to the hype.”
But he warned against relying too much on AI. It can have flaws and still needs human supervision. Security teams should keep an eye on AI tools. This is crucial to make sure they’re working properly.
Barlet also expressed concerns about using too much automation in cybersecurity. He cautioned that if we rely too heavily on automation, people might lose the skills needed to really understand how things work. This could mean fewer experts and more unfilled cybersecurity jobs in the public sector.
“There’s this concern starting to grow that we’re turning so much stuff over to automation that nobody’s going to understand how anything really works,” he said.
So, how can we address these threats? Barlet stressed that the zero-trust security model is key. This model is based on the idea that breaches are inevitable. Today, it's impossible to keep out all threats completely. Agencies should always be prepared for attacks.
“It’s the first security model that really embraces this concept of we’re not always going to be successful keeping the bad guys out,” he said.
UK local government breaches highlight cybersecurity weaknesses
Locata, an online housing registration platform used by Manchester, Salford, and Bolton councils in the UK, recently suffered a breach. The attack highlights the security vulnerabilities facing local authorities. Trevor Dearing, industry solutions marketing director at Illumio, shared his thoughts in an article by Emma Woollacott in ITPro, Thousands targeted with phishing emails after cyber attack on Greater Manchester councils.
The attack caused thousands of users to receive phishing emails. This led the Manchester City Council to temporarily shut down its Manchester Move website. Salford City Council also closed its Home Search website. They had concerns about possible data leaks.
This incident highlights a bigger problem: supply chain attacks in the public sector. The UK's Joint Committee on the National Security Strategy (JCNSS) recently criticized the government for not giving councils enough support.
Dame Margaret Beckett, the committee chair, said that councils were "unprepared and unsupported" by the government.
Dearing warned that councils are appealing targets for cyber attackers. "Every council needs to accept they will be attacked and focus on building security controls that minimize the impact of attacks," he advised.
He also emphasized the need to reduce the risks from third parties. Local government can do this by building strategies such as least-privilege access and network segmentation.
The attack on Locata serves as a clear reminder that local governments worldwide must strengthen their cybersecurity measures. This is particularly true for securing supply chains and reducing the effect of breaches.
Illumio is a Leader in The Forrester Wave™ for Microsegmentation Solutions, Q3 2024
Microsegmentation is a key component of zero trust, and the market is changing quickly.
Forrester reviewed the top microsegmentation vendors based on their current offering, strategy, and market presence. The research included interviews with customers. Illumio received the highest average scores for both current offering and strategy.
Forrester gave Illumio scores of Superior in 16 of the 23 criteria. That’s exceptionally high. The Illumio Zero Trust Segmentation (ZTS) Platform scored highest in key areas, such as:
- Flow asset and discovery
- Policy management and UX
- Visibility
- Host-based enforcement
- Network-based enforcement
Illumio also ranked Superior in strategy, including:
- Vision
- Innovation
- Supporting services
- Pricing flexibility and transparency
Forrester says that “Illumio is the original microsegmentation specialist.”
“Where Illumio really shines is letting the operator perform incident response activities like quarantine, mass-quarantine, and live recovery during an active attack,” Forrester said. The research firm also noted that Illumio’s UI “is visually informative and the most powerful we evaluated.”
This isn’t the first time Forrester has recognized Illumio’s leadership in this fast-growing segment. The research firm had named Illumio a Leader in:
- The Forrester New Wave™: Microsegmentation, Q1 2022
- The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020
Contact us today to learn how Illumio can help you stop the spread of breaches and ransomware attacks.