Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Five reasons why your board should push cybersecurity ‘boundaries’

Issue 6 2023 Security Services & Risk Management, Infrastructure


Tony Walt.

From a technological perspective, micro-segmentation of your IT security environment can be viewed as a way to identify, isolate and curtail the reach of any threat – even once it is in your network.

In a cybersecurity context, micro-segmentation is a framework that can be adopted to divide the data centre environment into discrete secured segments. This allows organisations to take security controls down to the level of application, workload or even device.

What value is there to business leaders in locking the ‘doors’ between discrete operational areas?

Tony Walt, co-founder and Director of cybersecurity software development house Port443, explains that while simplistic, the door analogy highlights the value micro-segmentation brings to the business and its board.

Gartner found that “perimeter-based security technologies, which are deployed at the edge of on-premises and hosted ‘in the cloud’ data centres, enforce policies between sites but cannot segment traffic between workloads or processes.” Micro-segmentation addresses this gap in securing the network internally, or what is referred to as ‘east-west’ traffic.

Walt notes that while micro-segmentation can reinforce traditional network and server-based security, issues of security best practices and regulatory compliance are moved front and centre. In this way, it addresses concerns around how data flows across the organisation and who has rightful access to it.

“We can evaluate our network security setup from the same perspective as our home security systems. Different layers of deterrents – such as electric fences, outdoor beams and door sensors – secure the perimeter of the property.”

“Focusing your information security systems only on traffic coming into the network would be much like pointing all your home security sensors at the front door. While this might help prevent any access via the main entrance, it leaves back doors open, and once someone is inside, all the rooms are vulnerable to intrusion, often without you even knowing about it. You need to lock the doors between rooms to contain intruders and maintain overall security.”

He adds that unlike hardware-based security systems (firewalls, for example), micro-segmentation operates like the security zones in your home. Tightly defined security policies can be applied to different zones. These zones typically include each of the applications used in your business and your data centres, as well as far tighter control of the traffic that runs between these environments.

Walt identifies five key attributes of micro-segmentation that make good business sense.

Simplicity: Having insight into what constitutes critical data, where it resides, and quantifying the risk associated with a potential breach allows for a simplified approach to isolating systems and controlling communications between them. A micro-segmentation philosophy should be preceded by a data discovery process from the start.

Visibility: Segmentation can be implemented into logical business, data centre and application zones. Visibility can then be achieved across the entire network environment while also standardising access policies as much as possible.

Risk reduction: Optimising the architecture through micro-segmentation mitigates the risk of a data breach. Organisations with multiple applications, for example, would be best advised to have discrete segmentation per application. Policies can also be implemented to isolate systems that are subject to government regulations, to improve compliance.

Control: Bringing critical alerts, metrics and system performance statistics into a single view across the organisation is of paramount importance. Available software and technology features can centralise control of various segments, while configuration templates can ease the time and skills burden. “By creating specific security policies for critical applications, for example, granular control can also be achieved,” says Walt.

Convergence: Micro-segmentation creates separate environments where the traffic into, out of and between each environment is controlled. A compromise in one application or zone is contained within that zone and does not lead to further compromise through lateral movement.

Walt comments that the benefits of micro-segmentation include all the benefits of digital convergence. These include better protection for cloud workloads and data, increased access control to various discrete applications, and simplified mandatory compliance with regulations, such as PCI-DSS.

In conclusion, Walt says that anything that can increase overall security efficacy is of tremendous value to the organisation. “As such, micro-segmentation needs to be operationally absorbed into the organisation through processes, people and technology.”




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
Your Wi-Fi router is about to start watching you
News & Events Surveillance Security Services & Risk Management
Advanced algorithms are able to analyse your Wi-Fi signals and create a representation of your movements, turning your home's Wi-Fi into a motion detection and personal identification system.

Read more...
IoT-driven smart data to stay ahead
IoT & Automation Infrastructure AI & Data Analytics
In a world where uncertainty is constant, the real competitive edge lies in foresight. Businesses that turn real-time data into proactive strategies will not just survive, they will lead.

Read more...
Hydrogen is green but dangerous
Fire & Safety Infrastructure Power Management
Hydrogen infrastructure is developing quickly, but it comes with safety challenges. Hydrogen is flammable, and its small molecular size means it can leak easily. Additionally, fires caused by hydrogen are nearly invisible, making them difficult to detect and respond to.

Read more...
A whole-site solution to crack the data centre market
Fire & Safety Infrastructure Facilities & Building Management
Fire safety consultants and contractors who can offer a comprehensive fire safety solution to the data centre market can establish themselves as a supplier of a key safety features that help guarantee the smooth operation of critical infrastructure.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...
FICA in the era of deepfake and AI-driven fraud
Security Services & Risk Management
A growing fraud strategy involves leveraging AI to produce highly convincing fake images, videos, and audio, commonly referred to as deepfakes, which are used to impersonate real individuals and spread misleading or false information.

Read more...
Managing stock efficiently and cost-effectively
Asset Management Infrastructure Logistics (Industry)
Rina Redelinghuys, customer services executive at Cquential, a member of the Argility Technology Group, examines stock management across various industries, including retail, fast-moving consumer goods, food and dairy, automotive, apparel, industrial, accessories, paint and chemicals, and pharmaceuticals.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.