Two years have passed since Target's infamous data breach that affected 110 million customers during the 2013 holiday shopping season, and we are still hearing about the impact of the attack. In the latest news, Target Corp. and Visa Inc. reached a settlement agreeing to make up for all costs that banks suffered as a result of the breach. What will the latest settlement cost the retailer? $67 million to banks and another $10 million to customers who had personal information taken. Maybe a drop in the sea for Target, but also likely not the last they'll hear of it!
Companies find themselves in a sticky situation as attacks like these are inevitable. If a hacker wants to get into your network, chances are good they will find a way in. But getting into the network shouldn't mean they get the keys to the kingdom.
Reaction to the big breaches has tended to involve CIOs and CISOs upping their spend on intrusion prevention tools and pen testing (what's the definition of madness again?). Sure, you absolutely need to maximize the defenses, but imagine if the White House built a bigger fence and decided they didn't need as many Secret Service agents? Somebody's going to get a bigger ladder!
So what can you do given the certainty that, at some point, a malevolent actor will find their way inside your network?
Limiting the hacker's movements through effective and carefully managed network segmentation is critical. It's not rocket science that segmenting the network can help protect the highest value data assets by preventing cyber attackers from moving seamlessly throughout the whole environment and getting their hands on the whole kit and caboodle.
Yet effective segmentation becomes increasingly difficult when the heterogeneous network extends across physical, on-premises components and private and public cloud networks, with some of those network elements even accessible to third-party vendors. The complexity of the network has evolved at lightning pace, yet too many organizations are still using decades-old techniques for managing segmentation, like manually tracking firewall and router configurations and using spreadsheets. Basically, this is bringing a knife to a gun fight!
Effective segmentation relies on rules-based automation that prevents and flags policy violations, which may include unauthorized access or application changes that weaken the network's security. It is critical to maintain the desired network segmentation by automatically analyzing every network change request against the corporate security policies during the change process.
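One way such a change-request check could look, as an added example that is not from the original article or from any product: a proposed firewall allow rule is mapped to the zones it touches and compared against a default-deny table of permitted zone-to-zone flows. The zone names, address ranges, ports and request format are all constructed assumptions.

```python
import ipaddress

# Constructed zones and allowed flows (assumptions for illustration only).
ZONES = {
    "vendor": ipaddress.ip_network("10.50.0.0/24"),
    "corp": ipaddress.ip_network("10.10.0.0/16"),
    "pos": ipaddress.ip_network("10.20.0.0/24"),
    "cardholder": ipaddress.ip_network("10.30.0.0/24"),
}
# (source zone, destination zone) -> permitted TCP ports. Default is deny.
POLICY = {
    ("vendor", "corp"): {443},
    ("corp", "pos"): {22},
    ("pos", "cardholder"): {443},
}


def zones_touched(cidr):
    """Every zone a CIDR overlaps; a broad range can span several zones."""
    net = ipaddress.ip_network(cidr, strict=False)
    return [name for name, zone in ZONES.items() if net.overlaps(zone)]


def review_change(request):
    """Return policy violations for a proposed allow rule ([] = compliant)."""
    violations = []
    src_zones = zones_touched(request["src"])
    dst_zones = zones_touched(request["dst"])
    if not src_zones or not dst_zones:
        violations.append("address range is outside every defined zone")
    for src in src_zones:
        for dst in dst_zones:
            if src == dst:
                continue  # intra-zone traffic is out of scope for this check
            extra = set(request["ports"]) - POLICY.get((src, dst), set())
            if extra:
                violations.append(
                    f"{src} -> {dst}: ports {sorted(extra)} not permitted")
    return violations


if __name__ == "__main__":
    requests = [  # constructed change requests
        {"src": "10.20.0.15/32", "dst": "10.30.0.5/32", "ports": [443]},
        {"src": "10.50.0.7/32", "dst": "10.30.0.0/24", "ports": [1433]},
        {"src": "10.50.0.0/24", "dst": "10.0.0.0/8", "ports": [443]},
    ]
    for req in requests:
        print(req, "->", review_change(req) or "compliant")
```

The third request shows why overlap matters: a rule that looks like a permitted vendor-to-corp flow is written so broadly that it also opens paths into the other zones, and the check flags each of them.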
Power to the People
While many unnecessary manual processes can be removed, effective segmentation still relies upon a keen human eye to manage the bigger picture. But getting a comprehensive, digestible view of the network is no easy task in most large organizations. It has to be a major imperative for improving segmentation because having control relies on having visibility. With visibility, it becomes much easier to identify security incidents earlier on, which streamlines the remediation process and cuts the outrageous time and costs associated with it. Spotting potential access points and risky policies and applications is also considerably easier. Network visibility is the Holy Grail as it can help IT teams proactively manage and reduce the attack surface.
It's difficult to overstate the importance of improving network segmentation processes right now. As the world begins to wake up to the irrevocable certainty in life that you will get breached, the big question now is: how bad is that breach going to be?