Learn how to adapt to the continuously changing risk environment with an efficient, continuous risk monitoring strategy.
These days, we often hear the word “quarantine” in everyday conversations--but quarantining takes on a different meaning when it comes to protecting your network.
Often, when we discuss quarantining from a cyber security perspective we’re referring to network segmentation cyber security. But what is network segmentation, and is it the right approach for your organization? The answer to the first part is easy. The second is a bit more complicated.
What is network segmentation cyber security?
Network segmentation is the act of dividing your larger network into smaller, more manageable segments that are isolated from each other and invisible to the outside world. Network segmentation breaks up your network into chunks and hides them away from easy access points. That way, if your network is infiltrated, it’s less likely the hacker will be able to do widespread damage or gain access to the entirety of your network. They won’t be able to hop from one isolated, segmented portion to another.
Network segmentation can be extraordinarily beneficial, as evidenced by the infamous Colonial Pipeline attack. Segmentation kept the attack from traversing from the IT network to the operational network, which would have undoubtedly disrupted the utility’s ability to transport fuel. The attack did damage--but not as much as there would have been without network segmentation in place.
Is network segmentation right for your organization?
Here, things get a bit trickier. Because while network segmentation is highly effective in limiting damage and reducing risk, it can also be very expensive to implement and time-consuming to manage. LIke buying in bulk, things are cheaper (though not necessarily more secure) if you’re dealing with one big network rather than focusing on smaller bits and pieces. And focusing on those smaller pieces often requires more people power, which is already at a premium amongst highly stressed and burnt out cyber security teams.
Plus, if yours is like most organizations, you’re likely working with many--perhaps hundreds--of third or fourth party vendors. With so many outside partners, it can be difficult to achieve and manage proper segmentation.
Still, network segmentation can be right for your organization, as long as you’re doing it correctly. Some best practices to consider include:
- Quarantining systems that have known vulnerabilities or legacy systems that will never be patched but must remain online.
- Being vigilant about notifications around known vulnerabilities. These could come from a number of sources, including government organizations, business partners, or online forums. Once you hear something, you can take the steps necessary to segment your affected assets.
- Ascertaining your organization’s overall cyber security posture. BitSight’s Security Performance Management solutions--including BitSight Security Ratings and BitSight Third-Party Risk Management--can give you accurate insights into your company’s cyber security stature and that of your partners. You’ll be able to detect vulnerabilities, missing updates or patches, and other factors that could heighten your organization’s risk level.
A targeted approach to network segmentation
While network segmentation is an effective way to protect your organization against threats, it should not be done in a vacuum. You still need to gain a complete understanding of your entire digital ecosystem to achieve true protection, which is the most cost-effective, efficient, and effective means of defense. Complementing that approach with a targeted and proactive network segmentation strategy will strengthen your defenses even more.