Top Cybersecurity News Stories from November 2023

Increased innovation means greater scalability, productivity, and flexibility for organizations — but it can also mean increased cybersecurity risk. As organizations explore new opportunities with AI and cloud services, it’s becoming clearer that traditional cybersecurity isn’t up to the task.  

This month’s news featured insights from cybersecurity experts and thought leaders on:

• The failure of traditional cloud security solutions in today’s complex, hybrid world
• Why Zero Trust Segmentation is essential to securing the cloud
• Global discussions around AI safety, innovation, and security
• How ongoing LockBit and MOVEit attacks underscore the need for breach containment

Nearly half of breaches originated in the cloud — is your cloud security ready?

New research from Vanson Bourne on the state of cloud security was featured this month by both Cyber Magazine‘s Amber Jackson and BetaNews’ Ian Barker. The Cloud Security Index 2023 revealed that 47 percent of all data breaches originated in the cloud in the last year and cost organizations an average of $4.1 million USD.

The report surveyed 1,600 IT and security decision-makers across nine countries. It found that traditional cloud security approaches are failing organizations across the board — and highlighted the need for a new approach to cloud security.  

“In simple terms, the cloud environment is dynamic, but current security tools are not,” John Kindervag, Chief Evangelist at Illumio, said to Cyber Magazine.  

Though 98 percent of organizations surveyed store their most sensitive data in the cloud, Vanson Bourne discovered that 90 percent of IT and security leaders are concerned about their organization’s cloud security. In particular, respondents worry about their lack of visibility and reaction time to inevitable cloud breaches.  

What’s the solution? Security leaders are turning to a Zero Trust security strategy with Zero Trust Segmentation (ZTS) as a foundational technology. According to Jackson in Cyber Magazine, ZTS should be a non-negotiable for businesses based on the report’s findings.  

“Organizations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimize opportunities afforded by the cloud,” Kindervag explained in BetaNews. “I'm optimistic that nearly every security team is prioritizing improving cloud security in the months ahead, and that they see solutions like ZTS as an essential piece of their Zero Trust journey."

Illumio extends ZTS to the cloud with Illumio CloudSecure

In response to the dire need for enhanced resilience in the cloud, Illumio has expanded its Zero Trust Segmentation Platform with Illumio CloudSecure, an innovation featured in Help Net Security.  

Illumio CloudSecure helps security teams reduce the impact of cyberattacks and bolster their cybersecurity posture across public cloud environments, including servers, virtual machines, containers, and serverless computing, by:

• Visualizing cloud workload connectivity to gather insights with an interactive map of application deployments, resources, traffic flows, and metadata.
• Applying proactive segmentation controls to enable trusted communications between applications by authoring and provisioning controls using labels and IP lists.
• Containing cloud attacks with the ability to adapt segmentation policies even in dynamic environments that are constantly changing.

Get an overview of Illumio CloudSecure in this video:

Try Illumio CloudSecure free for 30 days. Start your free trial today.  

Global governments address AI safety and security

Alongside cloud security, organizations are increasingly thinking about the security and integrity of AI – which continues to be a big discussion point in the industry. In response, the Biden administration issued its Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence on October 30. Among other guidelines, the EO requires developers to share safety test results with government officials to ensure AI is extensively vetted before public release. It also looks towards developing standards, tools, and tests to ensure AI safety and security as the technology progresses.  

MeriTalk’s John Curran and SC Media UK featured thoughts on the new EO from Gary Barlet, Federal Field CTO at Illumio. Overall, Barlet was positive about the directive.

“The White House’s swift response to artificial intelligence is commendable,” he told MeriTalk, “Particularly in recognizing the critical need to stay ahead of AI advancements and ensure the tools used to develop these systems are safe, secure, and trustworthy.”

However, he didn’t see tangible, timebound guidance in the EO that could help agencies — and private organizations alike — convert the mandate into action.  

“We know AI and emerging technologies are constantly advancing and are here to stay. This is an ongoing topic that the White House needs to consistently revisit, reassess, and adapt to,” he explained.

Barlet also noted that the global impact of AI extends far beyond the reach of U.S. government mandates.

“...AI is a global issue. Our safety checks are limited to what [the U.S. government] can control,” he said in SC Media UK. Despite this, Barlet does expect the EO to “be an important precedent for other more global AI regulation.”

Immediately following Biden’s EO, world technology and business leaders converged in the UK for the inaugural AI Safety Summit on November 1. The Summit aimed to highlight the risks of AI and explore how internationally coordinated efforts can help mitigate them.  

Despite the summit’s hype, many security experts were disappointed by the lack of tangible, actionable guidance stemming from the event. Get a senior security practitioner’s take on the Summit and the specifics he hoped to see in this article.  

LockBit and MOVEit attacks continue to wreak havoc

The Industrial and Commercial Bank of China (ICBC) has found itself among the recent targets of a ransomware attack by infamous ransomware group LockBit. EM360tech reported on the attack and asked Raghu Nandakumara, Head of Industry Solutions at Illumio, about its impact on the financial sector.  

According to EM360tech, ICBC’s attack is one of the largest ransomware attacks in recent months — though one of many for the LockBit gang. LockBit has been running ransomware-as-a-service since 2019 and has now grown into a major threat, accounting for 48 percent of known attacks in 2022.  

Learn how Illumio can help you contain LockBit ransomware attacks.  

Nandakumara told EM360tech that the attack is another reason why the financial sector needs to shore up its defenses against ransomware, highlighting the EU’s new DORA legislation that focuses on bolstering cyber resilience in the industry.

“Although ICBC's swift response to isolate and contain the attack is commendable, the broader economic disruption is concerning,” he said. “Any attack that can disrupt trade and the wider economy gives attackers more leverage and increases the likelihood of ransomware being paid.”

ICBC’s attack occurs at the same time many global organizations are grappling with the fallout of the ongoing MOVEit breach, which has exposed at least 64 million people’s personal information to date. In fact, this month  TechCrunch reported that the U.S. Securities and Exchange Commission (SEC) is further investigating the breach by probing Progress Software, owner of the MOVEit application. The conclusion of the probe is yet to be determined.  

Attacks like these highlight the criticality of modern breach containment strategies that go beyond traditional prevention and detection tools. ZTS provides a consistent approach to microsegmentation across the hybrid attack surface, allowing organizations to see and reduce risk across cloud, endpoints, and data centers at scale and with ease.

Get insight into how you can prepare your organization for zero-day exploits like MOVEit with Illumio.

Contact us today!