The “castle-and-moat” security model, where everyone inside a perimeter was assumed to be trusted, has been abandoned in favor of zero-trust security, where verification is required from all devices and parties operating inside and outside a network.
The shift has been swift and almost total. In 2019, only 16% of companies had zero-trust security initiatives in place, according to research by Statista Inc. By 2021, that had jumped to 90%. The catalyst was the COVID pandemic and the associated move to cloud-based operations and remote work that made the security perimeter forming the “moat” around the organizational “castle” an ineffective barrier.
Criminals were quick to take advantage of the opportunity, with the worldwide total of ransomware attacks rising from 188 million in 2019 to 305 million in 2020 and 623 million in 2021. The figure looks set to rise again in 2022 as cybercrime continues to be the number one type of fraud experienced by companies across all industries.
“You’ve got your data center connecting into workloads, running in the cloud with users and user devices everywhere with a plethora of other connected devices,” said Raghu Nandakumara, senior director of solutions marketing at Illumio Inc. “So we’ve got this massive hyper-connected web. Well, what does that lead to? It leads to a massively increasing mushrooming attack surface.”
Nandakumara spoke with theCUBE industry analyst Lisa Martin at the “Cybersecurity — Detect and Protect Against Threats” event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how Illumio’s Zero Trust Segmentation Platform provides companies with attack surface visibility across on-premises and cloud. (* Disclosure below.)
Always assume there is a breach
Illumio’s mission is to help customers address the ever-increasing challenges of maintaining security in a hybrid, multicloud environment. The differentiator between other zero-trust initiatives and Illumio’s Zero Trust Segmentation Platform is, as the name suggests, that Illumio uses network microsegmentation to protect organizations against breaches.
“We see zero-trust segmentation as being founded on two pillars,” Nandakumara explained. “An assumed breach mindset and … what we see as the natural progression from that is the use of least privileged policies to go and control and protect your estate.”
Having an assumed breach mindset means that security is built with the expectation that a bad actor has already infiltrated an organization’s network. So, any anomaly is treated as a malicious action and measures are implemented before the actual cause is established.
Least-privilege links into that by reducing the ability for bad actors to move laterally once inside a network. By restricting access privileges so that every person or device on the network has only the very minimum required, the impact of a potential breach is minimized and an organization’s cyber resiliency rises. The security stance switches from building barriers to stop access to mitigating damage by restricting lateral movement through the network.
One big plus for Illumio customers currently undergoing cloud transformation is that the ZTS platform makes it easy to maintain their security posture as they transition into AWS, according to Nandakumara. In addition, Illumio compares customers’ current security groups to the actual usage of those resources and provides recommendations for better security.
“This is the way our technology helps our customers move and migrate safely and securely from on-prem into AWS,” Nandakumara said.
Resource visibility differentiates the Illumio ZTS platform from CSPM tools
Most cloud security posture management tools are not set up to monitor lateral movement, according to Nandakumara.
“They’re not about providing you with that view about how your resources are interacting with each other. They’re not about providing guidance as to whether a security reconfiguration could be enhanced and could be tightened up. They also don’t give you the view particularly around is this even relevant,” he said.
Illumio’s Zero Trust Segmentation Platform provides the visibility that allows companies to understand how resources are interacting with each other and determine whether those interactions are required or not. This enables the definition of a least privileged policy that controls access between resources, Nandakumara explained.
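The comparison of configured security-group rules against observed usage, and the least-privilege policy that follows from it, can be sketched as below. This is an added example, not Illumio's code or algorithm; the rule format, the flow records, the /24 floor and all sample data are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample: inbound allow rules in the style of a cloud security group.
RULES = [
    {"id": "r1", "src": "10.0.0.0/16", "port": 5432},
    {"id": "r2", "src": "0.0.0.0/0", "port": 22},
    {"id": "r3", "src": "10.0.1.0/24", "port": 443},
]
# Constructed sample: accepted flows seen at the workload (source IP, dest port).
FLOWS = [
    ("10.0.1.15", 5432), ("10.0.1.22", 5432),
    ("10.0.1.15", 443), ("10.0.1.40", 443),
]

def covering_prefix(addrs, floor=24):
    """Smallest IPv4 network holding all addrs, never narrower than /floor."""
    ips = [ipaddress.ip_address(a) for a in addrs]
    net = ipaddress.ip_network(f"{ips[0]}/{floor}", strict=False)
    while not all(ip in net for ip in ips):
        net = net.supernet()  # widen one bit at a time
    return net

def review(rules, flows):
    """Return (rule id, verdict, suggested source) for each allow rule."""
    findings = []
    for rule in rules:
        allowed = ipaddress.ip_network(rule["src"])
        used = sorted({src for src, port in flows
                       if port == rule["port"]
                       and ipaddress.ip_address(src) in allowed})
        if not used:
            # No observed traffic: candidate for removal.
            findings.append((rule["id"], "unused", None))
            continue
        tight = covering_prefix(used)
        if tight.prefixlen > allowed.prefixlen:
            # The rule permits far more sources than ever connected.
            findings.append((rule["id"], "narrow", str(tight)))
        else:
            findings.append((rule["id"], "ok", rule["src"]))
    return findings

if __name__ == "__main__":
    for finding in review(RULES, FLOWS):
        print(finding)
```

A rule flagged "unused" may still cover rare but legitimate traffic, so the observation window has to be long enough to include it before the rule is removed.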
“Zero-trust segmentation is so important because if you come back to the fundamentals of it, it’s around consistent visibility and consistent security policy,” he said. “We’re always about providing visibility and maintaining least privileged access between your resources.”
While IT is concerned about network security, the board-level security conversation revolves around maintaining productivity and availability and avoiding reputational damage in the event of a major attack. Illumio’s ZTS platform meets board-level requirements for operational resilience because zero-trust segmentation enables cyber resilience, which ultimately enables operational resilience, according to Nandakumara.
“There is lots of value beyond our own product value proposition that we bring into your existing technology ecosystem,” he said. “We think we kind of add value into any deployment over and beyond the things that we do around visibility and consistent security.”
(* Disclosure: Illumio Inc. sponsored this segment of theCUBE. Neither Illumio nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)