sb-as logo
Story image

Three reasons organizations should consider network segmentation

04 Sep 2018

Network segmentation is one of many things an organization can do to improve their security posture – and those that resist investment in the right security could be exposed to more expenses or breaches.

That’s according to ForeScout, which notes that the scope and reach of networks is expanding, which means network segmentation should be considered as part of any security arsenal.

ForeScout says that network segmentation splits networks into specific zones, which can then enact barriers against infiltrators. Those infiltrators then have difficulty compromising an entire network.

The company argues that while non-segmented networks are generally protected by a firewall, hackers can still break through and access an organization’s network and data.

Network segmentation can prevent these types of compromises.

According to ForeScout senior director for Asia Pacific and Japan, Steve Hunter, segmentation can reduce the scope of a breach, and also allows organizations to group assets with similar data protection requirements.

“For example, this can help healthcare companies apply more stringent and expensive protections on critical patient data, or retailers complying with PCI to use less expensive protections for less important services,” Hunter explains. “Security challenges continue to challenge a company’s capacity to respond. Network-connected devices and the resulting IP traffic will continue to increase. This ongoing growth in our networks will require insight, visibility and control.”

ForeScout says there are three reasons why managers should adopt network segmentation: 

1. It is a core security practice that is necessary:

Network segmentation lets organizations protect data more effectively. Dysfunctional security measures can knock services and applications offline, bringing business to a halt.

Additionally, in a political environment where company data practice is highly scrutinised, given the General Data Protection Regulation (GDPR)* in Europe, and the Notifiable Data Breaches (NDB) scheme in Australia, organizations must demonstrate they’re conscientious custodians of confidential information. A data breach could spell costly fines and cause severe reputational damage.

2. Security measures sensibly applied can save organizations money: 

Security breaches often turn customers away and impact an organization’s profit. Organizations also need to spend large amounts of money cleaning up messes caused by cyberattacks.

This includes reaching out to customers, addressing the public, restoring data, fixing software, catering to staff needs and paying for immediate (expensive) security damage control. Organizations should adopt recommended security measures, so they can save money in the long run. Secure, segmented networks are a foundation for effective data asset protection. 

3. Building a segmented network can be straightforward: 

Many companies resist segmentation because they think it's expensive and cumbersome. The industry hasn’t helped with a focus on new approaches that require whole new networks.

However, it needn’t break the bank, nor require a complete redesign of an existing network. Segmentation can easily integrate with existing software and connected devices. The techniques for segmentation in a newer network may differ from an ageing network or in a cloud network, but segmentation is needed in all of them. 

“Managers should open their minds to new security practices, learn how their networks operate and understand how segmentation can protect their organization,” Hunter says.

“This type of digital transformation can help keep businesses afloat, even in the face of a significant cyberattack. Organizations that fail to embrace visibility and network segmentation will fall behind and open themselves up to increased risks of cyberattack, along with major financial and business implications.”

Story image
GCloud updates capabilities with Anthos enhancements
Google Cloud has announced improvements for hybrid compatibility, services, development, migration and identity security with updates to Anthos.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More
Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
Radware issues security alert, warning of global rise of DDoS-for-hire
Efforts from corporations, law enforcement and independent researchers around the world have attempted in the last two years to curb this growth – but the industry keeps growing says Radware information security researcher Daniel Smith.More
Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More