About the Author: Mark Chillingworth is the chair of the Horizon CIO Network. Mark has been the community editor for CIOs since 2008, creating the CIO 100, CIO Summit, and the U.K.’s first CIO podcast. He’s also a guest speaker in an upcoming webinar on why micro-segmentation is an ideal solution to today’s security challenges. Click on this link for more info.
Today’s cybersecurity landscape is extremely complex. The COVID-19 pandemic has expanded the attack surface, as employees are working remotely and threats are becoming more sophisticated. To compound this, many organizations have accelerated their journey to the cloud, so legacy solutions for securing networks and infrastructure are often no longer adequate. We’ve also seen a dramatic increase in the number of reported cyber crimes.
And, unfortunately, this is all against a backdrop of significant economic uncertainty, which means security leaders are being asked to prove immediate ROI for new cybersecurity investments.
The good news, however, is that micro-segmentation – a security practice that aims to reduce the attack surface to a minimum and prevent unauthorized lateral movement – has emerged as an effective and cost-efficient way for businesses to combat these concerns. In this blog, I’ll explore why that’s the case, and I’ll share additional insight into the sources of today’s security challenges.
Today’s Biggest Security Challenges
The Shift to Remote Work
Before the shift to remote work, the threat profile was largely contained within the office, with only a relatively small number of people connecting to the corporate network from outside via VPN. Now, most everyone is working from home using their personal devices and home routers – which are no match for sophisticated attacks. These multiple endpoints could be the gateways into your corporate networks, with the network firewall rendered ineffective. This has forced CIOs and CTOs to reassess the efficacy of traditional remote work solutions like VPNs that could potentially give unrestricted access to a compromised employee device.
Pressure to Digitize or Move to the Cloud
If you talk to technology leaders, you’ll probably hear that at least some of them are looking for new ways of digitizing their businesses. For example, companies might now accept payments/orders digitally where they didn’t before. But these new processes can create new security vulnerabilities.
Along those lines, organizations have also accelerated migration to the cloud to avoid operational disruptions. Here, too, enterprises may find themselves at an increased security risk. One report put the post-COVID increase in external attacks on cloud accounts at an astounding 630%. A big reason why cloud migration can leave organizations vulnerable is that a provider may offer some protection for the proverbial “front door” of your network, but they don’t provide security for the inside of it. So, if a bad actor breaches the perimeter, they can easily move from one room to another.
Increased Cost Sensitivity
Today’s conversation in cybersecurity is focused on how you can save money without compromising your security posture. We’re in a business environment where the board is hesitant to approve expenditures, and when you do spend money, the ask is to realize the return on investment within the next six or so months.
There is a tricky balance to strike: How do you manage costs while improving the security posture?
How Micro-Segmentation Addresses Security Challenges
While the challenges to businesses are multiple and daunting, key industry researchers Gartner and Forrester point to micro-segmentation as a security tool that businesses can adopt to tackle these problems.
With micro-segmentation, security leaders can reduce the network’s attack surface and get enhanced visibility into network traffic. Effectively, micro-segmentation puts a security wrapper around individual components and then builds it into a trusted network. This significantly reduces the likelihood of a damaging breach.
A Smart Financial Choice
Micro-segmentation is more cost-effective than traditional firewall or segmentation technologies for a few reasons.
First and foremost, implementation is simple and straightforward. This is very different than what companies experience when adopting legacy tools. Our experience so far is that micro-segmentation implementation takes only about a third of the time to implement, and a third of the effort to manage.
Total cost of ownership is lower as well. From an operational standpoint, license costs and compute costs (because the agents that it uses are very efficient) are generally less in a micro-segmentation solution than a typical firewall. So, too, are management costs. For example, a traditional segmentation product may use a firewall with 400 rules to obtain 15 segments. In the micro-segmentation world, we do that with 10 rules. So, you won’t need as many people to manage the tool, and they won’t necessarily need to have a highly specialized skill set; because micro-segmentation is very visual and intuitive (and won’t require your team to build firewalls using command prompts), it is much simpler to operate, and the risks associated with it are lower.
Access Webinar Recording: Implementing Efficient and Cost-Effective Security
In September 2020, cybersecurity leader and CIO 100 Hall of Fame honoree Raja Ukil and I hosted a webinar discussion of why micro-segmentation is an ideal solution for today’s security challenges. We covered a range of topics, including:
- Why micro-segmentation is faster, simpler, and more agile than traditional security methods
- How micro-segmentation enables organizations to visualize network traffic and reduce the attack surface
- How micro-segmentation improves an organization’s security posture while being cost effective
Click this link to access the on-demand recording of the webinar.