What Does it Mean to be Breach Ready?

table of contents

Dr. Chase Cunningham, in the Dr. Zero Trust Podcast, hosted Agnidipta Sarkar, CISO Advisor at ColorTokens, to discuss the essentials of breach readiness and why microsegmentation is fundamental to being breach ready. They also explored where controls should be applied to help limit lateral movement and whether software can truly help you prepare for an 8K filing with the SEC. 

Listen to the full conversation here: Being Breach Ready with ColorTokens

A summary of the conversation can also be found below. 

Understanding Breach Readiness 

Breach readiness goes beyond traditional cybersecurity measures. It involves preparing for the eventuality of a breach and having robust plans in place to manage and mitigate its impact. As Agni aptly put it, “Being breach ready is the ability to move beyond incidents and breaches and trying to stop a crisis in the happening.” This proactive approach is essential in today’s threat landscape where preventing every attack is nearly impossible. 

The Role of Defense in Depth 

Traditional defense strategies, like defense in depth, have focused on building multiple layers of security to prevent attacks. While this approach is still valuable, it’s not sufficient on its own for breach readiness. Defense in depth focuses on “what would you do if you got attacked,” whereas breach readiness focuses on “what would you do if that attack succeeds.” This shift in focus is crucial for building resilient cyber defenses. 

Crisis Management and Cyber Defense 

Effective crisis management is a cornerstone of breach readiness. It’s about having the ability to respond quickly and effectively when a breach occurs. Agni highlighted the importance of disconnection strategies: “It’s not only about connection; it’s also about disconnection.” Being able to quickly isolate affected systems can prevent further damage and help contain the breach. 

Business Continuity and Impact Analysis 

Planning for business continuity is another critical aspect of breach readiness. Traditional business continuity plans often aimed for a 20% recovery, but today’s digital enterprises require much more. “You want 80%,” Agni noted, emphasizing the need for robust recovery strategies. This is where Business Impact Analysis (BIA) comes into play, helping organizations understand the potential impacts of different types of breaches and plan accordingly. 

Microsegmentation as a Key Strategy 

Microsegmentation is a foundational strategy for breach readiness. By dividing networks into smaller, isolated segments, organizations can limit the spread of an attack. Agni described it as building a “mission critical assurance using zero trust enforcement.” This approach ensures that even if an attacker breaches one segment, they cannot easily move laterally across the network. 

Implementation and Best Practices 

Implementing microsegmentation effectively requires careful planning and modelling. Asset inventory and accurate network modelling are essential steps. “The 90% effort that should go in building microsegmentation is the modelling,” Agni explained. By understanding the network’s layout and critical assets, organizations can deploy segmentation rules that effectively protect their systems. 

Communicating with Non-Technical Stakeholders 

One of the biggest challenges for CISOs is communicating cybersecurity needs to the board and other non-technical stakeholders. Agni stressed the importance of translating technical risks into business risks: “It’s all about investments.” By framing cybersecurity in terms of potential business impacts and return on investment, CISOs can secure the necessary support and resources from the board. 

Real-World Challenges and Solutions 

Organizations often struggle with the dynamic nature of modern IT environments. Agni shared insights on overcoming these challenges, such as leveraging tools and best practices to reduce deployment time. “If you spend two hours and forty-five minutes mapping out the network before you ever do anything, that’s super critical,” he said, highlighting the importance of thorough preparation. 


Being breach ready is not just about having the right tools but also about adopting the right mindset and strategies. Organizations must focus on proactive crisis management, robust business continuity planning, and effective communication with stakeholders. Microsegmentation plays a crucial role in limiting the impact of breaches and ensuring ongoing business operations. As cyber threats continue to evolve, staying breach ready is more critical than ever. 

For more insights on breach readiness and how to implement these strategies, reach out to us. As Agni concluded, “Let’s start from modelling. Let’s start from thinking that, yeah, we could be attacked.” This proactive approach will help organizations build resilient defenses and ensure they are prepared for the challenges of today’s cybersecurity landscape. 

About the Podcast 

Unlock the future of cybersecurity with the “Dr. Zero Trust Podcast.” Join Dr. Chase Cunningham, former Forrester analyst and technology veteran of the NSA, US Navy, and FBI Cyber Division, as he delves into Zero Trust Security and redefines how we protect data and networks. Explore frameworks, threat prevention, identity management, exclusive interviews, and emerging tech. Whether you’re a pro or just curious, this podcast is your go-to platform for cybersecurity insights.