Corporate networks can be sprawling affairs comprising thousands of connected devices. Securing such networks is too often focused only on locking down access points into the network. But what happens once a user (or intruder) gains access to one of those network entry points? With an ever-evolving cyberthreat environment and a constant barrage of new tools deployed by hackers in their attempts to gain network access, the assumption of every smart cybersecurity team should be that their external defenses will be penetrated.
More than a quarter of all cyberattacks are aimed at financial systems – more than any other vertical. In 2019, Capital One, Desjardins, First American Financial, Westpac, and even the Bulgarian National Revenue Agency have all been the victims of successful cyberattacks, and there is no reason to think that such attacks will lessen.
Network segmentation and segregation have been around for a long while – as long, in fact, as there have been private networks connected to the internet. And while network segmentation is vital and will be familiar to many through its implementation via firewalls and DMZs, network segregation also has a vitally important role to play in cybersecurity.
The recent growth of the Internet of Things (IoT) and its industrial-driven subset, the aptly-named Industrial IoT (IIoT), has been staggering. Growth projections, too, are staggering as better IT-OT connectivity, sensors, and control devices continue to generate more and more use cases for implementations across manufacturing, transportation, and many more industries.
Cyberthreats are many and varied, which means that cybersecurity measures need to be equally varied and agile in order to truly protect your organization. To provide such agility, the application of two main principles is required when designing and implementing cybersecurity: Least Privilege and Defense in Depth.