Microsegmentation: A new security paradigm?
- By Derek Major
- Jun 10, 2016
Whether it’s protecting legacy systems, building new solutions or simply making sure sensitive data doesn’t fall into the wrong hands, billions of dollars have been spent on security in the last few years.
The security itself hasn’t changed much, however. According to Unisys Federal security specialist Lance Vaughn, we’re still defending the castle walls.
Traditionally, organizations have protected assets by reinforcing the perimeter and then “hopefully” focusing on anyone who gets through that wall, Vaughn told the audience at the Acquire 2016 Conference and Expo in Washington, D.C. Yet once a hacker gets past that initial outside wall, there’s little to no defense on the inside, leaving the intruder free to move laterally throughout an organization’s IT infrastructure.
And an increasing number of attacks on government agencies, major banks and media companies don't target the security walls at all. They result from an employee clicking on a phishing email, which Vaughn said has become the most popular method of getting into a system.
These new attack vectors make the traditional security model obsolete, Vaughn stressed. Yet even when organizations acknowledge that they’ve been breached, they still think about defending the enterprise the traditional way. Eighty percent of security spending is still going to firewalls and anti-virus solutions, even though those tools are effective against only 30 percent of threats, Vaughn said.
According to Vaughn, a key part of the solution is microsegmentation -- a tactic that is starting to gain traction in security circles. Instead of building higher walls, microsegmentation protects information by cryptographically isolating data at the packet level and organizing it into functional communities that only authorized users can access.
This diminishes an attacker’s ability to move laterally within a network and helps organizations contain breaches faster and cloak network assets, applications and legacy systems. And microsegmentation can work in challenging security environments, whether they involve dedicated data centers, cloud systems or both.
“Microsegmentation from an IT security perspective is going to be a game changer,” Vaughn said. “It’s being touted by all of the software makers because it’s going to level the playing field and reduce the attack surface that we’re trying so desperately to protect.”
Derek Major is a former reporter for GCN.