Top Cybersecurity News Stories From March 2024

According to recent research by Forrester, Zero Trust is emerging as the mainstream security approach to mitigate risks and safeguard critical assets. Now, with the validation of Zero Trust clear, organizations are seeking ways to align their security strategies and spending with Zero Trust best practices.

This month’s news featured insights from cybersecurity experts and thought leaders on topics including:

• The new NSA cybersecurity information sheet — and why the creator of Zero Trust is impressed with it
• How ROI-driven cybersecurity spend can proactively secure against attacks
• Illumio’s recognition as a top security company of 2024  

John Kindervag: How to implement Zero Trust based on new NSA guidance

The Godfather of Zero Trust is excited about the new cybersecurity information sheet released by the National Security Agency (NSA), Advancing Zero Trust Maturity Throughout the Network and Environment Pillar. John Kindervag, creator of Zero Trust and Chief Evangelist at Illumio, details his thoughts on the document and how to build a Zero Trust security strategy based on its recommendations in his recent SC Magazine article, Five ways to implement Zero Trust based on NSA’s latest guidance.

Ransomware extracted $1.1 billion from organizations in 2023 alone. The missing security piece, according to Kindervag? Segmentation.

As the creator of Zero Trust, I’m pleased to see the NSA’s document emphasizes a paramount, yet frequently overlooked element of Zero Trust security: segmentation.

Kindervag noted that he’s long advocated for segmentation as foundational to Zero Trust. However, in recent years, he’s noticed a shift in focus toward the Identity pillar of Zero Trust which has left network security controls vulnerable both on-premises and in the cloud.

“As the attack surface expands and the digital landscape grows increasingly interconnected, segmentation of on-premises networks, cloud, multi-cloud, and hybrid environments becomes imperative for organizations to fortify resilience and establish enduring Zero Trust architectures,” he explained.

Based on the document’s guidance, Kindervag recommends organizations build Zero Trust by:

• Deploy continuous authentication: Move away from outdated security models focused solely on perimeter defense and static authentication methods. Instead, prioritize Zero Trust principles which emphasize continuous authentication and authorization. This may involve utilizing more advanced techniques like biometric authentication, behavior analytics, and machine learning algorithms to continuously assess and adapt to risks.
• Extend Zero Trust to cloud and edge environments: As cloud and edge computing become increasingly prevalent, integrate Zero Trust principles into these distributed architectures. Additionally, explore the integration of cloud-native security solutions to enhance overall security.
• Adopt API-centric security: With the rise of microservices and API-driven architectures, make sure Zero Trust principles reach beyond traditional network boundaries. Secure interactions between services and APIs by implementing granular access controls, encryption, and authentication mechanisms.
• Balance security with privacy considerations: Given heightened scrutiny around privacy implications, Zero Trust implementation must carefully balance security requirements with privacy concerns. It's essential to enforce access controls without compromising individual privacy rights.
• Ensure compliance: Organizations must ensure that their Zero Trust strategy aligns with data protection regulations such as GDPR and CCPA. This may require additional safeguards to protect sensitive data and demonstrate compliance with relevant laws.

Kindervag believes that this new move by the NSA to draw attention to the Network Security pillar of Zero Trust — and its key focus on segmentation — comes at a crucial time when cyber threats are evolving and organizations are seeking ways to improve network security. By recognizing the pivotal role of network security, particularly in combating ransomware attacks, the NSA aims to encourage organizations to prioritize network security controls as they progress towards implementing a Zero Trust architecture.

“I commend the NSA for issuing its latest guidance because it’s a significant endorsement of the effectiveness and significance of ZTS...” Kindervag said. “It’s impossible to prevent all cyberattacks, but implementing a Zero Trust model will significantly reduce the potential damage and strengthen any organization’s security posture.”

The lack of ROI-driven security spend gives attackers the upper hand

When everything is important, nothing is important. This expression reflects a common challenge facing CISOs trying to prioritize security spend. Many are floundering with competing priorities in a cybersecurity environment where everything is important — but only a few initiatives can get addressed.

In his recent article for the Intelligent CISO, How can CISOs ensure their cyber spending really counts?, Paul Dant, child hacker turned security researcher and Senior Systems Engineer at Illumio, provides a better way for CISOs to think about security spending: embracing ROI-driven investments.

“To successfully fight back against today’s threat actors, organizations need to do more than simply increase their spending,” Dant explained. “Security investments must be focused in the right areas to ensure the spend is truly delivering maximum business return on investment (ROI) and furthering organizational resilience against the backdrop of today’s advanced and persistent threats.”

Despite organizations pouring money into bolstering their cyber defenses, breaches and ransomware attacks are rising exponentially, with a 20 percent increase in data breaches between 2022 and 2023. Security experts expect 2023 to be no different: Dant cites a Gartner report that predicts global spending on cybersecurity will reach $215 billion in 2024. This is due largely to the outsized impact of breaches on organizations’ budgets, costing them $4.45 million on average last year.  

The solution? Think about spending from an ROI perspective. For Dant, this means looking for solutions that extend beyond traditional measures like endpoint protection and perimeter defenses to focus on those that thwart lateral movements within and across hybrid IT. This includes breach containment technologies like Zero Trust Segmentation, something that’s foundational to a Zero Trust architecture.

Dant recommends CISOs and cybersecurity leaders use these three steps when defining security spending:  

1. Define clear objectives and desired outcomes for cybersecurity spend: To achieve success, it’s essential that CISOs direct spending towards specific organizational goals alongside setting timely and achievable targets.  

2. Regularly evaluate and test the current risk status of your organization: Without a comprehensive understanding of your organization's most vital assets, areas lacking visibility, and the repercussions of a breach, it is impossible to develop an effective defense strategy.

3. Secure buy-in from the business: To secure the initial budget, it’s crucial for CISOs to align security strategies with broader business objectives and secure support from senior management. Adopting a targeted approach can have its advantages. For example, rather than advocating for simultaneous implementation of sophisticated, tactical strategies across the board, start by prioritizing the most crucial and vulnerable areas. This approach simplifies budgeting for your strategy, can gain quick support, and allows you to measure success.

“By adopting an ‘assume breach’ mentality and proactively preparing for breaches, organizations will be better enabled to address today’s reality that breaches do happen (a core tenet of the Zero Trust methodology),” Dant said.

“As a hacker, my advice for any organization looking to shore up resilience is to focus foremost on limiting the attack surface and figuring out how you can quickly contain breaches when they do occur."

Illumio named a top security company of 2024

eSecurity Planet named Illumio as part of their list of cybersecurity market leaders, Top 40 Cybersecurity Companies You Need to Know 2024.

The list is made up of security companies who lead in innovation, performance, revenue, and growth. They also looked into Gartner Peer Insights reviews, Glassdoor scores, and composite security testing results.

Illumio made the list for having three innovative product offerings as part of the Illumio Zero Trust Segmentation Platform, a 4.6/5.0 Gartner Peer Insights rating, and a 4.0/5.0 Glassdoor score.

Want to learn more about Illumio Zero Trust Segmentation? Contact us today.