Story image

Three reasons organizations should consider network segmentation

04 Sep 18

Network segmentation is one of many things an organization can do to improve their security posture – and those that resist investment in the right security could be exposed to more expenses or breaches.

That’s according to ForeScout, which notes that the scope and reach of networks is expanding, which means network segmentation should be considered as part of any security arsenal.

ForeScout says that network segmentation splits networks into specific zones, which can then enact barriers against infiltrators. Those infiltrators then have difficulty compromising an entire network.

The company argues that while non-segmented networks are generally protected by a firewall, hackers can still break through and access an organization’s network and data.

Network segmentation can prevent these types of compromises.

According to ForeScout senior director for Asia Pacific and Japan, Steve Hunter, segmentation can reduce the scope of a breach, and also allows organizations to group assets with similar data protection requirements.

“For example, this can help healthcare companies apply more stringent and expensive protections on critical patient data, or retailers complying with PCI to use less expensive protections for less important services,” Hunter explains.
“Security challenges continue to challenge a company’s capacity to respond. Network-connected devices and the resulting IP traffic will continue to increase. This ongoing growth in our networks will require insight, visibility and control.”

ForeScout says there are three reasons why managers should adopt network segmentation: 

1. It is a core security practice that is necessary:

Network segmentation lets organizations protect data more effectively. Dysfunctional security measures can knock services and applications offline, bringing business to a halt.

Additionally, in a political environment where company data practice is highly scrutinised, given the General Data Protection Regulation (GDPR)* in Europe, and the Notifiable Data Breaches (NDB) scheme in Australia, organizations must demonstrate they’re conscientious custodians of confidential information. A data breach could spell costly fines and cause severe reputational damage.

2. Security measures sensibly applied can save organizations money: 

Security breaches often turn customers away and impact an organization’s profit. Organizations also need to spend large amounts of money cleaning up messes caused by cyberattacks.

This includes reaching out to customers, addressing the public, restoring data, fixing software, catering to staff needs and paying for immediate (expensive) security damage control. Organizations should adopt recommended security measures, so they can save money in the long run. Secure, segmented networks are a foundation for effective data asset protection. 

3. Building a segmented network can be straightforward: 

Many companies resist segmentation because they think it's expensive and cumbersome. The industry hasn’t helped with a focus on new approaches that require whole new networks.

However, it needn’t break the bank, nor require a complete redesign of an existing network. Segmentation can easily integrate with existing software and connected devices. The techniques for segmentation in a newer network may differ from an ageing network or in a cloud network, but segmentation is needed in all of them. 

“Managers should open their minds to new security practices, learn how their networks operate and understand how segmentation can protect their organization,” Hunter says.

“This type of digital transformation can help keep businesses afloat, even in the face of a significant cyberattack. Organizations that fail to embrace visibility and network segmentation will fall behind and open themselves up to increased risks of cyberattack, along with major financial and business implications.”

London coworking space teams with Global Cyber Alliance
A London-based coworking space is about to become a major cybersecurity innovation hub and a primary UK landing pad for security challenge winners.
Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
Check Point launches hyperscale network security solution
With Check Point Maestro, organisations can scale up their existing Check Point security gateways on demand.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Frost & Sullivan honours Honeywell's IIoT value creation
Frost & Sullivan has awarded Honeywell with the 2018 Global Customer Value Leadership Award for its work protecting industrial internet of things (IIoT) customers.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Google's €50m fine a wake up call for big data analytics
Data analytics are essential to company growth, competitive differentiation, and innovation. But there’s now a huge challenge.