sb-as logo
Story image

Three reasons organizations should consider network segmentation

04 Sep 2018

Network segmentation is one of many things an organization can do to improve their security posture – and those that resist investment in the right security could be exposed to more expenses or breaches.

That’s according to ForeScout, which notes that the scope and reach of networks is expanding, which means network segmentation should be considered as part of any security arsenal.

ForeScout says that network segmentation splits networks into specific zones, which can then enact barriers against infiltrators. Those infiltrators then have difficulty compromising an entire network.

The company argues that while non-segmented networks are generally protected by a firewall, hackers can still break through and access an organization’s network and data.

Network segmentation can prevent these types of compromises.

According to ForeScout senior director for Asia Pacific and Japan, Steve Hunter, segmentation can reduce the scope of a breach, and also allows organizations to group assets with similar data protection requirements.

“For example, this can help healthcare companies apply more stringent and expensive protections on critical patient data, or retailers complying with PCI to use less expensive protections for less important services,” Hunter explains. “Security challenges continue to challenge a company’s capacity to respond. Network-connected devices and the resulting IP traffic will continue to increase. This ongoing growth in our networks will require insight, visibility and control.”

ForeScout says there are three reasons why managers should adopt network segmentation: 

1. It is a core security practice that is necessary:

Network segmentation lets organizations protect data more effectively. Dysfunctional security measures can knock services and applications offline, bringing business to a halt.

Additionally, in a political environment where company data practice is highly scrutinised, given the General Data Protection Regulation (GDPR)* in Europe, and the Notifiable Data Breaches (NDB) scheme in Australia, organizations must demonstrate they’re conscientious custodians of confidential information. A data breach could spell costly fines and cause severe reputational damage.

2. Security measures sensibly applied can save organizations money: 

Security breaches often turn customers away and impact an organization’s profit. Organizations also need to spend large amounts of money cleaning up messes caused by cyberattacks.

This includes reaching out to customers, addressing the public, restoring data, fixing software, catering to staff needs and paying for immediate (expensive) security damage control. Organizations should adopt recommended security measures, so they can save money in the long run. Secure, segmented networks are a foundation for effective data asset protection. 

3. Building a segmented network can be straightforward: 

Many companies resist segmentation because they think it's expensive and cumbersome. The industry hasn’t helped with a focus on new approaches that require whole new networks.

However, it needn’t break the bank, nor require a complete redesign of an existing network. Segmentation can easily integrate with existing software and connected devices. The techniques for segmentation in a newer network may differ from an ageing network or in a cloud network, but segmentation is needed in all of them. 

“Managers should open their minds to new security practices, learn how their networks operate and understand how segmentation can protect their organization,” Hunter says.

“This type of digital transformation can help keep businesses afloat, even in the face of a significant cyberattack. Organizations that fail to embrace visibility and network segmentation will fall behind and open themselves up to increased risks of cyberattack, along with major financial and business implications.”

Story image
Forescout expands integrations with partner solutions
Expanded partnerships and integrations with Splunk, CrowdStrike and CyberArk allow for better IT and OT security posture for joint customers.More
Story image
Voice phishing attacks on the rise, remote workers vulnerable
There is an increase in voice phishing attacks, where hackers use existing employee names in attempt to trick victims into sharing login credentials and data by phone.More
Story image
Ivanti extends ESM automation capabilities with latest additions
Ivanti has made additions to its Enterprise Service Management (ESM) portfolio, with greater automation capabilities between service management and SecOps. More
Story image
DevSecOps increasingly important, but APAC organisations lagging behind
The rise of DevSecOps comes at a time when IT leaders are faced with an increasingly active cyber threat landscape, coupled with higher consumer expectations of digital offerings and application usage due to a sharp increase in online activities.More
Story image
Ingram Micro becomes Thycotic's primary distributor in Singapore
As part of the partnership, Ingram Micro will leverage its position within the distribution sector and, its global infrastructure and its go-to-market (GTM) expertise, to deliver a joint GTM strategy in Singapore with Thycotic.More
Story image
Trend Micro integrates with AWS Gateway Load Balancer for improved security function
Cloud security firm Trend Micro has announced its hybrid cloud security integration with the newly launched AWS Gateway Load Balancer.More