Cybercriminals need to be lucky just once, while cyber-defenders need to be right all the time. The inevitability of cyber-attacks and likely breaches weigh heavily on CISOs’ heads. How can zero-trust microsegmentation help?
Gartner’s hype cycle reports for enterprise networking in June 2024 and zero trust networking in July 2024 both identified microsegmentation as being well on ‘the slope of enlightenment’, heading towards the plateau of productivity.
What is microsegmentation technology all about, and how does it enhance the zero-trust approach to cybersecurity in a cyberthreat landscape where cyber-attacks are a matter of when, not if? Is it the answer to how organizations can shift from breach prevention to breach readiness?
CybersecAsia sought out answers and insights from Satyen Desai, VP APAC, ColorTokens.
Are organizations in Asia Pacific accepting the fact that cyber-attacks and breaches are inevitable? If so, are they approaching cybersecurity accordingly?
Satyen Desai (SD): The world realized long ago that either you have been hacked or you do not know about it yet.
So yes, cyber-attacks and breaches are inevitable. What stands between a cyber-attack and a news headline is a very boring, doggedly determined, and always-on-your-toes cyber-defense program that is blessed by a board that knows about its cyber exposure and has funded it accordingly.
What changes need to be made to shift from a ‘breach prevention’ approach to a ‘breach readiness’ approach?
SD: Here is an undeniable fact: Cyber-attacks have increased in 2024, with a 30% rise in weekly attacks on corporate networks in Q2 2024 compared to Q2 2023, and a 25% increase compared to Q1 2024. There has been a general increase in cyber-attacks across all industries, with a 221% rise compared to 2022.
Most security and risk leaders are increasingly considering that investment in tools that can prevent breaches by stopping initial access and intrusive cyber-attacks is not enough anymore.
The best cybersecurity tools fail not because the tools fail, but due to several factors. These include lack of accurate asset management, lack of proper patch management, lack of change governance, human error compounded by uncontrolled use of IT applications called shadow IT, SaaS and now AI tools.
The MITRE ATT&CK framework has proven to the world that most attackers get past initial defenses and execute lateral movements to successfully create cyber crises. And most leaders we meet echo the fact that it is paramount to defend the last line of attack, lateral movements. And microsegmentation is the only proven zero trust mechanism that can stop lateral movements and protect the crown jewels.
What is microsegmentation, and how does it help an organization become breach-ready?
SD: Microsegmentation is a zero-trust architecture-based methodology of creating zones and conduits in digital environments to isolate systems and groups of systems from one another and secure them individually. It is designed to enable granular partitioning of traffic to provide greater attack resistance by reducing both the attackable systems and those that can be laterally accessed when one system is breached, called the blast radii.
Microsegmentation secures applications by expressly allowing particular application traffic and, by default, denying all other traffic, where attacks can be detected, quarantined, and disrupted while isolated critical business can continue as usual. Microsegmentation also provides security leadership with panoptic visualization, which is the ability to distinguish between things that can change faster than others, so that the enterprise can adapt itself to contain an ongoing attack. ColorTokens calls this ‘breach-ready microsegmentation’, and in the future this can be made autonomous, so that an intelligent breach-ready capability is able to defend and disrupt attacks with minimal human intervention.
Any examples in Asia Pacific where your customers mitigated the risks and impact of a cyber-attack with microsegmentation?
SD: Anthony Fung, CISO of livi bank, one of Hong Kong’s most innovative virtual banks, said: “To make ourselves exceptionally resilient, zero-trust microsegmentation was the obvious solution for us. We found the right partner in ColorTokens.”
“Microsegmentation with ColorTokens has fundamentally shifted our approach to cybersecurity resilience,” said another customer.
There are many customers who have implemented microsegmentation with ColorTokens, but for privacy reasons we can’t share. What we can share is that our ColorTokens approach of progressive implementation using the automated discovery of security gaps, policy templates, traffic visualizer, and experience with global best practices will enable us to deliver on the promise.
At ColorTokens we will sign up and commit to reducing a customer’s breach risk profile by 50% in the first 90 days. This commitment resonates with our customers very well. With ColorTokens, you can stop a breach before it becomes a crisis and protect your crown jewels.