Build Your Zero Trust Security Strategy With Microsegmentation

Similar documents
Evolve Your Security Operations Strategy To Account For Cloud

Vulnerability Management Trends In APAC

Mastering The Endpoint

Modern Database Architectures Demand Modern Data Security Measures

Operationalize Security To Secure Your Data Perimeter

Digital Transformation Drives Distributed Store Networks To The Breaking Point

Business Success Through Embedded Communication Technology

Supporting The Zero Trust Model Of Information Security: The Important Role Of Today s Intrusion Prevention Systems

Converged Infrastructure Matures And Proves Its Value

Evolving Threats Call For Integrated Endpoint Security Solutions With Holistic Visibility

Rethink Enterprise Endpoint Security In The Cloud Computing Era

Red Hat Virtualization Increases Efficiency And Cost Effectiveness Of Virtualization

Modern Compute Is The Foundation For Your IT Transformation

Unlock The Value Of Cloud

Unlock The Value Of Cloud: A Spotlight On IT Executives

Innovation Leaders Need IT Services To Drive Transformative Outcomes

The State of Cloud Monitoring

Cisco Start. IT solutions designed to propel your business

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Best Practices in Securing a Multicloud World

Cyber Threat Landscape April 2013

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

RSA INCIDENT RESPONSE SERVICES

An ICS Whitepaper Choosing the Right Security Assessment

Enabling Zero Trust Security Through Network Virtualization And Micro- Segmentation

RSA INCIDENT RESPONSE SERVICES

ForeScout Extended Module for Splunk

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Teradata and Protegrity High-Value Protection for High-Value Data

Preparing your network for the next wave of innovation

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

Accelerate Your Enterprise Private Cloud Initiative

Fact Or Fiction: The State Of GDPR Compliance

IBM Cloud Internet Services: Optimizing security to protect your web applications

THE POWER OF TECH-SAVVY BOARDS:

Sage Data Security Services Directory

Networking for a dynamic infrastructure: getting it right.

Cisco Connected Factory Accelerator Bundles

Run the business. Not the risks.

Oracle bakes security into its DNA

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

Choosing the Right Security Assessment

Converged Security - Protect your Digital Enterprise May 24, Copyright 2016 Vivit Worldwide

Security in a Converging IT/OT World

align security instill confidence

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

MULTI-CLOUD REQUIRES NEW MANAGEMENT STRATEGIES AND A FORWARD-LOOKING APPROACH

Transformation Through Innovation

A Forrester Total Economic Impact Study Commissioned by ServiceNow January 2018

THE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION

Cybersecurity. Securely enabling transformation and change

Securing Your Digital Transformation

Office 365 Buyers Guide: Best Practices for Securing Office 365

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Securing The Enterprise With Machine Identity Protection

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

Overview. Business value

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

2015 VORMETRIC INSIDER THREAT REPORT

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

ENABLING SECURE CLOUD CONNECTIVITY. Create a Successful Cloud Strategy with Reliable Connectivity Solutions

IoT & SCADA Cyber Security Services

Mobilizing Your Workforce for Success

Integrated Access Management Solutions. Access Televentures

THALES DATA THREAT REPORT

McAfee epolicy Orchestrator

Ahead of the next curve

PULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc

ProDeploy Suite. Accelerate enterprise technology adoption with expert deployment designed for you

Q&A TAKING ENTERPRISE SECURITY TO THE NEXT LEVEL. An interview with John Summers, Enterprise VP and GM, Akamai

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

DDoS MITIGATION BEST PRACTICES

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

E X E C U T I V E B R I E F

IBM Resiliency Services:

GDPR: An Opportunity to Transform Your Security Operations

Toward an Automated Future

Security in India: Enabling a New Connected Era

THE ACCENTURE CYBER DEFENSE SOLUTION

2018 Report The State of Securing Cloud Workloads

with Advanced Protection

CASE STUDY INSIGHTS: MICRO-SEGMENTATION TRANSFORMS SECURITY. How Organizations Around the World Are Protecting Critical Data

Executive brief Create a Better Way to Work: OpenText Release 16

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Multicloud is the New Normal Cloud enables Digital Transformation (DX), but more clouds bring more challenges

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

HEALTH CARE AND CYBER SECURITY:

SOC for cybersecurity

SD-WAN Networks Enable Modern Digital Business Ecosystems

CyberArk Privileged Threat Analytics

THE STATE OF IT TRANSFORMATION FOR RETAIL

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Transcription:

Why Digital Businesses Need A Granular Network Segmentation Approach GET STARTED

Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver better customer experiences and operational efficiencies, they also become substantially more vulnerable to cyberattacks. Digital transformation necessitates an evolution of their security approaches to one that can manage threats in a complex and expanding technology landscape. In May 2018, Unisys commissioned Forrester Consulting to conduct a custom survey of 164 IT professionals in North America to explore the security challenges they face as they seek to digitally transform, the progress they ve made toward adopting a Zero Trust security architecture, and the benefits they expect from network microsegmentation. Country 71% - United States 29% - Canada Number of employees 54% - 1,000 to 4,999 31% - 5,000 to 19,999 15% - 20,000 or more Seniority 29% - C-level or VP 41% - Director 30% - Manager

1 2 3 Organizations Are Embracing Digital Transformation The need to satisfy customers heightened expectations has propelled companies to digitally transform their internal processes and customer interactions. To support this effort, they are investing aggressively in new technologies that drive innovation and efficiency. They have adopted: analytics to turn data into insight for improved decision making; cloud services to augment connectivity, speed, and scalability; internet of things (IoT) to digitize physical products and optimize operations through improved monitoring; mobile applications and devices to delight customers in their moments of need and connect an untethered workforce; and artificial intelligence (AI) to better anticipate and deliver personalized customer interactions. While these initiatives are essential, they also raise the requirements for security and privacy their No. 1 digital transformation technology investment area. Digital businesses continuously create and exploit digital assets to deliver new sources of customer value and increase operational agility.

1 2 3 Digital Transformation Raises The Security Bar As they implement new cloud services, devices, partners, bring-yourown-device policies, and customer engagement models, digital businesses find themselves in a new technology landscape. Their ecosystem is now more diverse, interconnected, and vulnerable. Eighty percent agree that digital transformation has expanded the cyberattack surface so much so that the security perimeter is difficult to define. To protect their data and information assets, companies must now find ways to consistently apply end-to-end security policies in a diverse landscape and safeguard sensitive information throughout the digital supply chain. 1 The need to scale security practices to the fast rate of digital transformation change complicates this endeavor. As companies digitize their businesses, they face new threats across a wide and diverse technology landscape.

1 2 3 The Network Perimeter Is No Longer Defensible Organizations have historically focused on securing the network perimeter. In this model, traffic inside the perimeter is classified as safe, and traffic outside of it is deemed unsafe. However, today s digital ecosystem has rendered this approach obsolete. Attacks that originate within companies where controls are weaker are often the culprits of myriad security failures. The network perimeter offers little protection. Once inside the company, threats can spread unabated. Given that most respondents say the perimeter is difficult to define, it s no surprise that 58% also believe it is indefensible. Put simply, there is no perimeter; companies must update their thinking and defensive strategies accordingly. Thankfully, decision makers recognize the need for change: 84% agree that they must adjust traditional perimeter-based security strategies. Digital businesses need an inside-out security approach.

1 2 3 Zero Trust Affords Digital Businesses Operational Agility While Containing Risk Companies cannot afford to trust internal network traffic as legitimate, nor can they trust employees and partners to always be well-meaning and careful with systems and data. 2 To manage the complexities of their environment without constraining their digital transformation ambitions, many companies are moving toward a Zero Trust (ZT) security model a more identity- and data-centric approach based on network segmentation, data obfuscation, security analytics, and automation that never assumes trust. ZT allows security and privacy protections to travel with the data itself across hosting models, locations, devices, and third parties. It also applies the appropriate access rights based on the user s identity. 3 This allows companies to adapt to an evolving threat landscape quickly and effectively. 4 While just 7% of those surveyed have applied all aspects of ZT, 84% have already adopted, plan to adopt, or have interest in adopting one or more pieces of the model.

1 2 3 Microsegmentation Is A Key Piece Of Any Zero Trust Network To successfully promote a ZT architectural model, security teams will need improved isolation of environments and infrastructures in the form of microsegmentation. Microsegmentation divides a network at a granular level, allowing organizations to tailor security settings to different types of traffic and create policies that limit network and application flows to those that are explicitly permitted. It allows security teams the flexibility to apply the right level of protection to a given workload based on sensitivity and value to the business. 5 Over 75% of respondents agree that various aspects of their digital transformation technology programs necessitate microsegmentation. AI, IoT, and network-enabled device technologies top the list of technologies in need of microsegmentation, as they introduce a massive area of potential compromise through device and data proliferation. Over 75% agree that their digital transformation technology programs necessitate microsegment-level protection.

1 2 3 Network Microsegmentation Is Gaining Momentum How important is the centralization of your workstation assets to securing your intellectual property? In today s technology environment, security teams must be able to isolate, secure, and control traffic on the network at all times and do so at the micro level. Unfortunately, this is not the standard. While decision makers recognize the value of microsegmentation, only 26% already have it in place today. However, our research suggests that its popularity will soon spread: 22% have plans to implement microsegmentation in the next 12 months, and another 32% express interest. While microsegmentation is not new concept, traditional approaches have relied on building microperimeters by installing more firewalls. In fact, among the 26% who have adopted microsegmentation in our study, most say (64%) they use firewalls for all or part of their strategy. New microsegmentation approaches including ones that are software-defined and offer embedded encryption capabilities can ease infrastructure complexity. Eighty-two percent describe access to a security solution that can encrypt data-in-motion as important to improving their security posture.

1 2 Microsegmentation Delivers On Strategic Benefits How are the following enterprise computing workloads changing at your organization? Respondents whose companies have already adopted microsegmentation cite a long list of benefits benefits that are consistent with Forrester s ZT research. Most of all, they view it as valuable to improving their security posture (65%). Microsegmentation improves visibility and control at a granular level, allowing companies to better contain threats while minimizing disruption (i.e., locate and quarantine the affected person or group without shutting down an entire site). Operational benefits including improved performance, easier segmentation of the network, and improved agility also top the list. Finally, many consider microsegmentation helpful for protecting critical information assets and meeting compliance standards. The ability to shield intellectual property and sensitive customer data from falling into the wrong hands is a critical requirement for companies that compete on their ability to deliver personalized experiences without violating customer privacy and trust. Even those companies that have not yet adopted microsegmentation find value: 98% associate one or more benefits with the approach.

1 2 Zero Trust Requires A Comprehensive Suite Of Tools Combined With Strategy Digital businesses need security technology partners that offer a range of capabilities that: 1) are easy to use and integrate; 2) improve their network visibility; and 3) support the ZT model. They place especially high value on partner solutions that can apply security controls across environments uniformly and quickly, with features that allow them to modify settings as circumstances change. Eighty-eight percent also say that it s important for them to be able to base security on user identity a key tenet of ZT. Support for controlling industrial control systems (ICS) and operational technology (OT) is also vital. Because these machines often run on proprietary software and are geographically dispersed, they can be difficult to update and secure. Disruptions to these technologies which are critical to controlling any number of core functions, like factory automation, patient machines, and production processes can result in significant profit loss, security threats, and even physical damage or harm. 6 For this reason, 82% say their ability to secure these technologies is important or very important to improving their security posture.

Conclusion While the digitization of products, services, and operations will be necessary to deliver on the experience expectations of demanding customers, it also increases organizations security risk. Perimeter-based security approaches are no longer sufficient. Companies need sophisticated capabilities that support a ZT security architecture a more data- and identity-centric security approach built on focused network segmentation. Solutions that help firms secure their network at the microsegment level can help companies promote ZT principles and realize key benefits, including an improved ability to protect critical data assets in an evolving landscape; greater network visibility and control; and operational agility. Endnotes 1 Source: Future-Proof Your Digital Business With Zero Trust Security, Forrester Research, Inc., March 28, 2018. 2 Ibid. 3 Ibid. 4 Source: The State Of IoT Security 2018, Forrester Research, Inc., January 9, 2018. 5 Source: The Forrester Tech TideTM: Zero Trust Threat Prevention, Q3 2018, Forrester Research, Inc., July 12, 2018. 6 Source: Protecting Industrial Control Systems And Critical Infrastructure From Attack, Forrester Research, Inc., April 19, 2018. METHODOLOGY This Opportunity Snapshot was commissioned by Unisys. To create this Snapshot, Forrester conducted a custom survey of 164 IT professionals in North America with responsibility for their organizations network security and technology decisions. To qualify for the study, respondents had to work at companies with at least 1,000 employees. ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting. 2018, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester, Technographics, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com. [A-158802] Project Director: Sophia Christakis, Market Impact Consultant Contributing Research: Forrester s Security & Risk research group

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback