How to Contain Breaches in the Cloud

Written by PJ Kirner, CTO and Co-Founder, Illumio.

Hyperconnectivity, hybrid work and an increasingly distributed enterprise have all caused the modern attack surface to explode. In the past 2 years alone, 76 percent of organizations have been attacked by ransomware and 66 percent have experienced at least one software supply chain attack.

Despite our best efforts to prevent attacks, the reality of the situation is that modern organizations are bound to be breached. There are simply too many channels and avenues for bad actors to exploit to gain access to an organization, too many gaps between cloud environments to infiltrate, and too many unknowing insiders that can inadvertently put their organization at risk. Not to mention there are more workloads than ever before, and automation adoption - while helping drive business faster - is also increasing complexity. But not every breach in the cloud needs to have catastrophic business consequences.

Cyber resilience starts with “assume breach”

Organizations are increasingly recognizing that cyber resilience, particularly in the cloud, begins with the Zero Trust principle of “assume breach.” Operating under the assumption that bad actors are already lurking in the shadows, across the software supply chain and among hybrid IT – because they likely already are.

In the past 2 years, Zero Trust has gone from relevant among industry circles to an undisputed cyber best practice for organizations across industries. In fact, according to ESG, 90 percent of business leaders believe that advancing Zero Trust strategies is one of their top three security priorities for this year.

One rapidly emerging Zero Trust technology category, predicated on the “assume breach” principle, is Zero Trust Segmentation (ZTS). ZTS is a modern security approach that contains and minimizes the impact of breaches and ransomware across hybrid IT by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack. ZTS is designed to effectively isolate threats and mitigate the overarching business implications of breaches, helping organizations move from a traditional “find and fix it” mindset to today’s “limit and contain” reality.

Minimize impact, increase resilience.

Attacks are increasing in frequency and severity, and as more organizations harness the agility and efficiency afforded by the cloud, their IT environments are growing even more complex.

Breach containment, especially in the cloud, is the new security paradigm. The better equipped organizations are to isolate threats and contain breaches across hybrid IT – with technologies in place to help “assume breach” proactively – the better enabled they’ll be to withstand ongoing attacks with minimal downtime and limited business disruption.