In the wake of several high-profile ransomware attacks, the White House is urging private companies to improve their cybersecurity defenses by taking immediate steps toward Zero Trust security.
Last week, Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger stressed the importance of ransomware defenses in a memo to private-sector executives and business leaders. “The threats are serious, and they are increasing,” Neuberger said.
The memo presses companies to adopt the best practices laid out in President Biden’s Executive Order on Improving the Nation’s Cybersecurity, which requires IT providers to share certain breach data with the federal government, modernizes the federal government’s security standards with a shift toward Zero Trust architecture, and establishes security standards for software development.
Why is the White House focused on improving cybersecurity?
US companies and the federal government are still reeling from a series of devastating cyberattacks, including the Colonial Pipeline attack, the JBS attack, and 2020’s SolarWinds fiasco. The JBS attack forced the world’s largest meat supplier to cease work and take systems offline in North America and Australia, putting the food supply at risk. Similarly, the ransomware assault on major fuel supplier Colonial Pipeline shut down pipeline activity for five days, created gas shortages across much of the US, and cost the company nearly $5 million in ransom.
In response to these and other incidents, the federal government is urging private companies responsible for critical infrastructure such as food supply, energy, healthcare, and telecommunications to implement Zero Trust security.
What does network segmentation have to do with cybersecurity?
Both the Executive Order and last week’s memo highlight the importance of segmentation in protecting against catastrophic data breaches. The memo specifically calls on private companies to “segment networks so that corporate business functions are separated from manufacturing and production operations.”
Network segmentation is a way of creating sub-networks within the overall network. This allows security personnel to control the flow of traffic between sub-networks based on granular policies. Network segmentation is highly effective in preventing unauthorized users from gaining access to sensitive information like financial records and confidential intellectual property. Micro-perimeters keep bad actors from moving laterally within your network, reducing the impact of breaches.
The concept of network segmentation has been around for a while. Traditionally, network firewalls and VLAN ACLs were deployed to segment the network with static IPs and sub-networks (subnets), but this approach has limitations. For instance, companies cannot segment and protect cloud workloads using traditional network segmentation. For organizations with data assets scattered across hybrid and multi-cloud environments, cloud workload protection is a requirement.
That’s where software-defined micro-segmentation comes in. Software-defined perimeters (SDPs) enable micro-segmentation of workloads in hybrid, multi-cloud environments, so you can enforce a consistent security posture across the entire network.
Micro-segmentation is the first step in implementing Zero Trust security
Micro-segmentation is based on the same concept as network segmentation: dividing the network into discrete segments for better security and performance. But micro-segmentation provides more granular visibility at the application level. This granularity allows companies to implement a Zero Trust security model whether their workloads and applications are in the data center, on the cloud, or some combination of the two.
The defining principle of Zero Trust is never trust, always verify. Micro-segmentation enables a Zero Trust model by allowing security teams to isolate distributed environments, workloads, and applications. Fine-grained security policies based on Zero Trust logic can then be applied to segments.
The right micro-segmentation solution allows you to define high-level policies and apply them across applications. These security policies can be applied consistently even in a dynamic VM environment—something that’s almost impossible with traditional network segmentation.
With software-defined micro-segmentation, only authorized users can access a given application. Any connection that cannot be verified by the policy parameters is blocked, protecting your network against lateral movement and flagging the incident for investigation and remediation. Micro-segmentation creates a Zero Trust micro-perimeter around your applications to ensure the attack surface area remains as small as possible.
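The default-deny behavior described above, and the memo's separation of corporate from production systems, can be sketched as a policy keyed on workload labels instead of IP addresses. This is an added example, not code from the article or from any product; the label names, workloads, ports and rules are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Workload:
    name: str
    ip: str            # recorded for logging only; never consulted by policy
    labels: frozenset  # identity the policy is written against

@dataclass(frozen=True)
class Rule:
    src: frozenset     # labels the source workload must carry
    dst: frozenset     # labels the destination workload must carry
    port: int

def L(*labels):
    return frozenset(labels)

# Constructed allow-list; anything not matched here is denied.
POLICY = [
    Rule(L("zone:corporate", "app:erp"), L("zone:corporate", "app:erp-db"), 5432),
    Rule(L("zone:production", "role:hmi"), L("zone:production", "role:plc-gw"), 502),
    # The only sanctioned path between production and corporate.
    Rule(L("zone:production", "role:historian"), L("zone:corporate", "app:reporting"), 443),
]

def evaluate(src, dst, port, policy=POLICY):
    """Default deny: allow only if a rule's label sets are subsets of both ends."""
    for rule in policy:
        if rule.src <= src.labels and rule.dst <= dst.labels and rule.port == port:
            return "allow"
    return "deny"

def flagged(flows, policy=POLICY):
    """Return denied flows as (src, dst, port) tuples for investigation."""
    return [(s.name, d.name, p) for s, d, p in flows if evaluate(s, d, p, policy) == "deny"]

# Constructed inventory.
ERP = Workload("erp-01", "10.1.0.10", L("zone:corporate", "app:erp"))
ERP_DB = Workload("erp-db-01", "10.1.0.20", L("zone:corporate", "app:erp-db"))
HMI = Workload("hmi-01", "10.9.0.5", L("zone:production", "role:hmi"))
PLC_GW = Workload("plc-gw-01", "10.9.0.6", L("zone:production", "role:plc-gw"))
HISTORIAN = Workload("hist-01", "10.9.0.7", L("zone:production", "role:historian"))
REPORTING = Workload("rpt-01", "10.1.0.30", L("zone:corporate", "app:reporting"))

FLOWS = [(ERP, ERP_DB, 5432), (HMI, PLC_GW, 502), (HISTORIAN, REPORTING, 443),
         (ERP, PLC_GW, 502),      # corporate host reaching into production
         (ERP_DB, ERP, 5432)]     # reverse direction was never allowed

if __name__ == "__main__":
    print(flagged(FLOWS))
    # Same workload after being rescheduled to a new address: verdict unchanged.
    print(evaluate(replace(ERP, ip="10.1.7.99"), ERP_DB, 5432))
```

Because the rules match on labels, the verdict for a workload survives an address change, which is the property static IP and subnet rules lack in a dynamic VM environment.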
Consistent, scalable security is a must
As companies accelerate digital transformation and cloud adoption timelines, the need to secure data assets against careless exposure or malicious intrusion becomes paramount. Customers are hearing about the same high-profile breaches that you are, and they want to feel confident you’re doing enough to protect them.
Plus, cybersecurity regulations and compliance requirements are emerging around the world, so companies that fail to protect against breaches aren’t just looking at brand erosion and damage to their bottom line; they may also face direct financial penalties.
In the case of companies like JBS and Colonial Pipeline, which provide essential goods and services to millions of customers, cybersecurity is a matter of national importance—and national security. The White House’s Executive Order on Improving the Nation’s Cybersecurity and the follow-up memo urging private companies to implement the Zero Trust model clearly reflect this.
Software-defined micro-segmentation is an important first step in your journey to Zero Trust implementation. To meet the ever-evolving needs of your business, you need granular, consistent, scalable security that extends to every corner of your network.