Cathay Pacific Security Takes Flight With Illumio
Overview and challenges
Their name has been on just about every "who’s-who of airlines" list, ranking top 10 from aircraft safety to ticket sales.
These accolades have been all but inevitable for Cathay Pacific as they’ve focused on delivering a world-class airline operation. But when they were targeted by an attack, a new inevitability in today’s cybersecurity landscape, the Hong Kong-based carrier redoubled their focus on their security program in short order.
“Zero Trust and least privilege came into the discussion right away,” explained YC Chan, Head of Infrastructure Engineering at Cathay. “We knew we had to implement microsegmentation for the right level of protection for our most critical applications.”
If the end goal of microsegmentation is to prevent lateral movement and protect “crown jewel” applications, Chan and his team must know their network better than anyone else from the start.
The team required visibility into application traffic across the entire network. But more than that, Chan sought a solution that would help them achieve their visibility and segmentation goals in the most efficient way possible.
“We had discovery tools that provided some visibility and insights, but ultimately did not integrate visualization and policy workflow,” said Chan. “In order to achieve our goals by the year-end deadline, we needed an interface that showed us application and workflow traffic and enabled us to act quickly and efficiently to block or allow flows.”
How Illumio helped
Chan and his team turned to Illumio Core and quickly realized it was “the easiest way to do microsegmentation.”
For one, the real-time application dependency map lets them see all connections between servers and what their applications are talking to. With that capability, they understand what needs to be protected and can take immediate action on flows to block them or authorize.
And with 600 applications at stake, the team exceeded expectations.
The ability to run policies in test mode before going into enforcement played an essential role in the success of Cathay’s deployment. This empowered ongoing collaboration between infrastructure and security teams and application owners.
We partner with application owners to review flows and help define policies. You couldn’t ask them to read firewall rules, but Illumio’s App Owner View map and plain language labels make it infinitely easier for them to understand the flows and apply policy. YC Chan Head of Infrastructure Engineering Cathay Pacific
The results? A reliable, thorough process for enforcement that helped them beat their most pressing deadline.
“We partner with application owners to review flows and help define policies,” said Chan. “You couldn’t ask them to read firewall rules, but Illumio’s App Owner View map and plain language labels make it infinitely easier for them to understand the flows and apply policy. We are confident that our applications are protected with the right level of segmentation — with no disruptions during enforcement.”
Not only does Cathay continue to use Illumio to bolster their internal defenses, but it is also helping solve another challenge: PCI DSS compliance.
Securing cardholder data is of paramount importance to Cathay. With Illumio Core’s mapping and policy creation capabilities, the business can meet many PCI compliance requirements.
The team is also leveraging SecureConnect on over 1,000 workstations for instant workload-to-workload encryption of data in motion.
The alternative route for this compliance initiative was installing tens of data center firewalls to shore up Cathay’s call center offices, amounting to an estimated $5M expense. With far less effort and spending, Cathay is well on its way to PCI peace of mind.
Results and benefits
- Fast time to value
The team came in ahead of schedule, faster than anticipated, in segmenting Cathay’s most critical and vulnerable applications.
- Less risk, more uptime
The ability to test the impact of new policies without any changes to the network gives teams much-needed confidence that enforcement will never break applications.
- Greater visibility, cross-functionally
Using the real-time map to involve application owners in the segmentation process improves policy accuracy and ultimately increases Cathay’s security posture.
- A clear path to compliance
Saving millions in potential firewall costs for PCI compliance, the team has Illumio Core’s encryption, visibility, and segmentation capabilities at their disposal to help meet compliance mandates.
Whenever we introduce new servers or applications, Illumio is part of the commissioning process. It has proven to be easy to deploy and implement and has helped us be more application centric. YC Chan Head of Infrastructure Engineering Cathay Pacific
Brooks Makes Strides in Security Strategy With Illumio
The top-tier running gear company implemented Illumio ZTS to reduce cyber risk, with zero application downtime or user impact.
Oracle NetSuite Protects Flagship Business Applications With Illumio
SaaS leader Oracle NetSuite improves security and uptime for 7,500 workloads with real-time visibility and Zero Trust Segmentation.
QBE Insurance Strengthens Its Zero Trust Security With Illumio
For QBE, microsegmentation reduces complexity and risk across a globally distributed infrastructure.