Segmentation Could Be The Key To Combating Ransomware Attacks

Guest: Steve Winterfeld (LinkedIn)
Company: Akamai (Twitter)
Show: Let’s Talk

With ransomware attacks on the rise every day, many companies are looking to segmentation as a part of their Zero Trust strategy to help tackle these challenges. Akamai recently released the findings of its State of Segmentation report which surveyed over 1000 IT and security professionals and leaders. With 93% of respondents saying they felt segmentation is critical to help thwart large ransomware attacks, only 40% said their Zero Trust journey was well defined and deployed.

In this episode of TFiR: Let’s Talk, Steve Winterfeld, Advisory CISO at Akamai, talks about microsegmentation and how it can help organizations working to deploy Zero Trust. He discusses some of the key findings from Akamai’s latest report and the evolution they are seeing in ransomware attacks. He goes on to talk us through what organizations can do to improve their security posture so that they can use microsegmentation to be better prepared to deal with ransomware attacks.

Key highlights from this video interview:

Winterfeld explains what segmentation is in terms of environments, saying generally it is about building zones of trust. He talks about how if one zone is compromised, the whole whole network is. The key ways to create different zones are with internal firewalls, which are very complex, or with micro-segmentation.
Winterfeld discusses the efforts of organizations and federal agencies to understand the state of segmentation saying it is one of the pillars under Zero Trust. Stolen credentials and obtaining access to someone’s identity is the first part of Zero Trust but it is being driven also by ransomware. Ransomware attacks increased by 143% just in the past year and he talks about the effects of this on businesses.
Some of the benefits of microsegmentation are visibility, knowing where the data flows are going, and where the data is in hybrid environments. Winterfeld tells us that it enables people to see if they have choke points and to analyze what is going on with the data to gain a better understanding.
Winterfeld discusses some of the key findings from the State of Segmentation report saying 93% of the respondents said segmentation is critical to stopping large damaging attacks. However, only 40% said their Zero Trust framework that includes segmentation has been fully defined and deployed while 89% said they are prioritizing microsegmentation.
Winterfeld talks about how much awareness there is around microsegmentation saying people do understand that it is a vital part of Zero Trust although Zero Trust initially started more around access.
Some of the challenges people are experiencing with microsegmentation are a lack of skills and expertise to do segmentation, performance bottlenecks, and compliance requirements.
Winterfeld talks about the differences between segmentation and micro segmentation saying segmentation is more about legacy things like firewalls, and the latter is more about the data flow level or the work process level. He explains that it involves providing visibility not just in one zone but into the workflow.
Akamai has developed a template of six critical areas and Winterfeld discusses how by developing those six segmentation zones you will see a reduction in the number of hours needed to respond to threats.
Winterfeld talks about the evolution of ransomware and how you have a window of opportunity to interrupt the attack before it fully deploys. He explains that having visibility of microsegmentation and watching the data flows of microsegmentation enables you to detect the data being stolen earlier.
There are many different ways to implement a Zero Trust framework but the two of most important pillars are controlling access and minimizing the impact. Ultimately, Zero Trust aims to protect employees in a corporation and operations on your network.
Winterfeld advises organizations deploying microsegmentation saying it is important to choose an architecture that can be deployed fairly quickly since networks change and to go with a vendor that will help train people to address skillset challenges. He discusses the importance of culture in retraining people and improving teams.
Winterfeld feels that organizations are looking to do vendor consolidation and partner with vendors who can offer expertise or managed services to address the challenges they are facing. He talks about Akamai’s wide range of offerings and how this can help organizations who want to consolidate and work with fewer vendors.
Organizations with a culture of high transformation run the risk of increasing complexity with more technical debt. Winterfeld believes organizations with high levels of innovation and transformation should try to do it by keeping it simple.
Winterfeld takes us through some of Akamai’s resources and talks about their different reports which he recommends people take a look at.

This summary was written by Emily Nicholls.

You may also like

What IBM’s acquisition of HashiCorp means for Terraform licensing

Apiiro wants to be the Diamond Standard for Application Security Posture Management

Akamai further fortifies its API Security with latest PCI DSS Compliance

If Iron Man has Jarvis, Transposit has Tanya

Bringing vCluster to Rancher is healthy competition: Lukas Gentele

How to choose best observability practices: Julian Fischer