sb-au logo
Story image

The time for micro-segmentation is now

07 Mar 2016

Article by Tom Patterson, Unisys vice president of global security

You could say that 2015 was the year cyber-crime became mainstream. We saw companies from all over the world including the likes of Talk Talk, JP Morgan Chase and Ashley Madison all come under scrutiny as their breaches became global news. It’s repeatedly on the news agenda as it’s pervasive and growing in complexity and persistence. Breaches are not only detrimental to business, but major brands also run the risk of reputational damage due to the inconvenience and the exposure their customers are subjected to.

As a result, 2016 is the year when the priority will be to shift tactics to combat the increasing number of hackers by abandoning outdated security strategies to protect intellectual property and other assets. But how can this be achieved?

Security openness

Of course as with all change, the first step is for more security leaders to start admitting that their current processes are falling short in the first place, and look at new strategies and methods which have a more realistic chance of protecting the organisation.  These failings are no fault of the security teams and technology of old, but rather a recognition that businesses function differently these days, and therefore require a different approach to securing them.

This isn’t a new theory by any means, and is something which many experts have been stating for a while. However, despite the obvious ‘clean slate’ advantages of starting afresh with security solutions, there will still be a large section of CISOs who are unwilling to let go of their sunken costs and look forward. To succeed they will need to abandon the old ways of securing the enterprises – with bigger walls and more event tracking – and adopt the new micro strategy which takes advantage of network virtualization and IPsec to isolate the underlying infrastructure in a much more granular and controlled way. 

Einstein said it best when he said, “Insanity is doing the same thing over and over again and expecting different results.” Simply put, more IT leaders in government and commercial enterprises need to realise that investing more in yesterday’s ineffective technologies will, this year, not yield any different results.

Year of the micro

The answer to this is micro-segmentation, as it allows enterprise managers to quickly and easily divide physical networks into thousands of logical micro segments, without the historic security management overhead. This approach gives control back to the enterprise networks, without them having to deal with the firewall rules and outdated applications, all the while embracing remote users, cloud-based services and third parties that have all become targets for attack in today’s world.

This new micro-segmentation model will start giving the good guys the advantage in the fight against cyber-attacks. With new containment strategies, organisations will have the ability to work at the Internet Protocol (IP) packet level, which makes it easier to apply anywhere a company’s data goes - from data centres to public clouds, to employees on the move to suppliers around the world.  Micro-segmentation is driven by existing identity management systems, so it is simple to establish communities of interest for authorised users across all of these technologies. It is one of the ways which CISOs can ensure that their organisations stay ahead of the pack and in the strongest position possible when it comes to security.

It is clear that the impact of the major breaches of 2015, which has been reported as having an average cost of £107 for each lost or stolen corporate record, ensured that security is no longer just a technology issue. Instead it is now seen as a business issue that requires prioritisation from the top down. We will see the security function evolve to no longer report solely to the CIO.

Boards will start to care and take real action and make cyber-security expertise a requirement across the C-suite. Security is now a top agenda point in the boardroom as business reputations are once again at risk. Organisations will no longer be allowed to take the position of standing by and watching cyber-attacks unfold – they will finally have the power to react rather than prevent. As a result proactivity will be the key word for 2016, with micro-segmentation being a major player and step in the right direction for innovative organisations that are serious about security.

Article by Tom Patterson, Unisys vice president of global security

Story image
Interview: Mimecast channel director on new partner programme and consolidation in the channel
Craig McGregor explains Mimecast's new partner programme, the importance of consolidation in the security space, and the effect of COVID-19 on the local channel.More
Story image
40% of APAC consumers have dealt with personal data breaches
The Kaspersky report released today also found out that more than 20% of respondents in APAC are willing to sacrifice their privacy to gain a product or a service for free. More
Story image
FireEye unveils Cloudvisory: A multicloud security control centre
FireEye has announced the availability of FireEye Cloudvisory - a control centre for cloud security management across any private, public or hybrid security environment.More
Story image
Months on, many organisations still don't have secure remote access - report
The report analyses the extent to which businesses were prepared for the sudden shift into remote working due to COVID-19 restrictions, and analyses how organisations have adjusted to support remote workers amidst the COVID-19 pandemic. More
Download image
The juggling act: Managing dynamic workforces and the risk that goes with them
Mitigate and continuously manage dynamic workforce risks, and continuously improve and maintain the maturity of your dynamic workforce risk program.More
Story image
Acronis teams up with A.S. Roma to advance AI in sport
Acronis has officially announced its artificial intelligence (AI) partnership with Associazione Sportiva Roma, an Italian professional football club also known as A.S Roma.More