Illumio Report Reveals Few Companies Protect Against Breaches with Segmentation
Findings also suggested firewalls are misused for segmentation
Sunnyvale, CA — December 18, 2019 — Illumio, the leader in segmentation for workload security, today released the findings from a new report that investigated the state of segmentation as part of defense-in-depth. The findings show that despite the inevitability of security-related incidents, few organizations currently protect against the spread of breaches with segmentation – only 19 percent of the 300 IT professionals surveyed currently implement segmentation solutions today. While approximately 25 percent are actively planning a project, more than half are not protecting with segmentation at all or planning to in the next six months.
Organizations are Unprepared, Hoping for the Best
Security segmentation limits the ability for attacks to move laterally inside an organization by breaking data center and campus networks or clouds into smaller segments. It is widely recognized as a cyber security best practice, although it is drastically underutilized in organizations today.
“The results from this survey confirm what we have long known. Despite the fact that organizations realize the likelihood of a security incident is high, they do not leverage segmentation because it is too hard and costly to implement, especially with firewalls, preventing wider adoption. This is why we have spent years developing a purpose-built segmentation solution used for security. It is simpler, more effective, and drives the cost out of segmentation projects so organizations can consider a future free of high-profile breaches,” said Matt Glenn, VP of Product Management at Illumio.
A somewhat positive finding showed that 45 percent of respondents currently have a segmentation project in flight or are planning to begin one in the next six months. Of those who are planning a project, the survey found that 81 percent of respondents will leverage firewalls for segmentation, despite the fact that they are slow to implement, don’t adapt, are complex to work with, and were not built to serve this function.
Firewalls Are Falling Short
Companies still wisely rely on firewalls for perimeter security, however most cited difficulties with how costly they are to implement and manage for segmentation. 68 percent of respondents struggle with securing initial capital expenditure budgets for firewalls and 66 percent find it challenging to secure ongoing operating expenditure budgets.
The size and complexity of firewalls also cause problems for organizations. The average time for respondents to deploy and tune firewalls for segmentation was one to three months. In addition, more than two-thirds of respondents acknowledge that firewalls make it hard to test rules prior to deploying, making it easier to accidently misconfigure rules and break applications. Regardless of these downfalls, 57 percent cite potential risk induced by change as the leading reason why they do not stop using firewalls.
Segmentation as a practice is foundational to security frameworks like Zero Trust. According to Forrester Research’s Zero Trust website, “defending the perimeter is no longer an effective strategy. Zero Trust implements methods to localize and isolate threats through microcore, microsegmentation, and deep visibility to give you an organized approach to identify threats and limit the impact of any breach.”
Host-Based Security Segmentation is More Cost-Effective and Reliable
Host-based security segmentation offers a more cost-effective and reliable approach to segmentation and is more effective at protecting data centers and cloud ecosystems against lateral data breaches. Since host-based, security segmentation is software-based and isn’t tied to the network, it offers several strong benefits:
Illumio sponsored this independent, third-party study conducted by Virtual Intelligence Briefing (ViB), surveying more than 300 IT professionals from a cross-section of mid- to large-sized companies, most from companies with more than 1,000 employees. ViB is an interactive online community focused on emerging through rapid growth stage technologies. Its community is comprised of more than 1.2M IT practitioners and decision makers who share their opinions by engaging in sophisticated surveys across IT domains.
To download a copy of the report, visit https://www.illumio.com/resource-center/research-report-state-of-security-segmentation.
Illumio enables organizations to realize a future without high-profile breaches by providing visibility, segmentation, and control of all network communications across any data center or cloud. Founded in 2013, the world’s largest enterprises, including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite, trust Illumio to reduce cyber risk. For more information, visit www.illumio.com/what-we-do and:
Highwire PR for Illumio
415-963-4174 ext. 26