Networks are getting more complicated and, at the same time, cyberattackers are becoming more sophisticated. Increasing business reliance on digital data, apps, and transactions means that securing the network effectively is mission-critical and can’t wait.
According to a Gartner report, boards are becoming weary of spending heavily on complex cybersecurity solutions for what they see as little result. The problem isn’t lack of attention or failure to understand the importance of a robust investment in cybersecurity. Rather, the problem is that organisations tend to approach cybersecurity in the wrong way, often focusing on compliance alone, or assuming that a high level of spend automatically equates to strong and ongoing protection.
The reality is that most businesses are continually playing catch-up when it comes to protecting the business from malicious actors.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) helps six entities respond to cybersecurity incidents each day, on average. Some incidents take weeks or months to resolve. During that time, threat actors are free to roam around their victims’ networks, compromising and exfiltrating data, planting further exploits, and generally causing disruption.
Containing these threat actors and restricting their movements within the network is essential to minimise the damage and the associated costs. This is where cybersecurity spending should be focused for maximum results.
From segmentation to micro-segmentation
The ACSC describes network segmentation as a highly effective way to limit the impact of a network intrusion. In an unsegmented network, malicious actors need only find the smallest gap or vulnerability and then can access the entire network, including sensitive, mission-critical information. This makes the organisation significantly vulnerable to ransomware attacks in which the business’s data is encrypted and held to ransom, as well as other types of attacks and data breaches.
Applying a simple segmentation approach is like putting dividing walls at key points in the network. These walls prevent unauthorised users from moving around quite so freely within the network. The segmentation approach lets businesses protect the most sensitive information and systems behind the strongest security, keeping them separate from the environment users use to access external resources. This effectively limits the attack surface.
Traditional network segmentation works in a so-called north-south direction. This covers traffic that goes between clients and servers, or between the data centre and any parts of the network outside the data centre.
This is an important and useful approach. However, it doesn’t account for east-west traffic, which is the lateral traffic that doesn’t leave the data centre, such as server-to-server traffic. Failing to segment the network across east-west lines leaves it open for cyberattackers to move laterally within the network.
Micro-segmentation addresses this gap, separating individual workloads from one another within the network. Especially important in the new network architecture in which perimeters are less defined, micro-segmentation protects each workload individually. This is an incredibly powerful approach to mitigating cybersecurity risk.
Micro-segmentation helps overcome issues around getting a strong return on investment in cybersecurity measures because it:
- plays a key role in zero trust networking
- puts full control into the hands of the business
- mitigates the broader risk of an attack even if a cybercriminal accesses part of the network
- makes it easier and faster to detect, locate, and remediate attacks
- reduces the risk of data exfiltration
- limits the attack surface.
Micro-segmentation solves 10 network security problems, to learn more and find out how to strengthen your network secuirty view our Tip Sheet HERE.
ditno can give you the visibility you need within minutes and a fully governed network in weeks. Schedule a demo to see it for yourself.