Business Resilience Starts with Breach Readiness


Just before RSA, I had a chance to speak with Tony Bradley on the TechSpective podcast about what ‘breach readiness’ really means, how microsegmentation fits into Zero Trust, and why OT/IT convergence doesn’t have to keep CISOs up at night. If you prefer a deeper dive, listen to the podcast below.

And if you’re in for a quick read, here’s a rundown of my thoughts from the interview.

The Shift Has Already Happened

For years, cybersecurity was about one thing: keeping attackers out. The idea was simple—build a strong perimeter and assume everything inside is safe. But that model doesn’t work anymore. The moment people started working remotely and adopting cloud infrastructure, those boundaries began to dissolve. And attackers noticed.

The reality today is this: once someone gains access, they can move across your environment far too easily. The attack surface is wide. And unless you’re stopping lateral movement, a single breach can quickly escalate into a full-blown crisis.

That’s where ColorTokens comes in. We’re solving this exact problem. Our job is to make sure that even if someone gets in, they can’t get far. We prevent attackers from moving laterally and achieving their objectives. That’s the role of microsegmentation—and it’s where we lead.

Access Report | GigaOm Radar Report evaluates 15 top microsegmentation vendors. Know why ColorTokens is the only vendor to earn a perfect 5.0 score in every category of the Key Features comparison. 

The Security Model is Evolving—Fast

Security has moved from reactive (think antivirus) to detection and response. But that’s still not enough. The new approach is proactive—and often called Zero Trust.

Zero Trust is about a mindset shift: assume you’re already breached, and architect accordingly. If you start from that assumption, everything changes—your policies, your design, your tools. It becomes about containment, not just prevention.

The encouraging part? CISOs are getting it. They’ve seen that cyber spend is rising—now a $250B market—but breaches are rising faster. So, they’re shifting mindset: not “if,” but “when.”

Why Lateral Movement is the Real Threat

Getting into an enterprise is easier than ever. Attackers can buy credentials, run phishing campaigns, or exploit weak links. But that’s not the end goal. What they’re after are the crown jewels.

Once inside, attackers perform recon—often using tools already present in your environment. PowerShell. Netstat. Built-in utilities. They escalate privileges, hijack sessions, and quietly move laterally—often unnoticed.

And by the time they reach their destination, it’s too late: ransomware is deployed, data is exfiltrated, or systems are disrupted.

Stopping that lateral movement is what matters most. And that’s the heart of what we do.

The IT–OT Convergence: A Perfect Storm

OT environments were once air-gapped. That’s no longer true. Devices are now connected to enable analytics, automation, and visibility. But with that connectivity comes risk.

OT protocols weren’t built for security. Encryption, integrity checks, even basic visibility—none of it was there. And now, these systems are converging with IT networks. Suddenly, IT leaders are responsible for systems they’ve never had to secure before.

ColorTokens saw this coming. That’s why we built our platform to provide a unified view across IT and OT. It works without agents, and it brings OT assets up to the same visibility level as IT—making it manageable, secure, and scalable from a single policy framework.

Access Forrester Wave Report | Know Why Forrester Rates us ‘Superior’ in OT, IoT Security

Breach Readiness = Business Continuity

Cybersecurity has to align with business goals. And that goal is simple: keep the business running—even during a breach.

This is what we mean when we say “be breach ready.” It’s not about perfection. It’s about resilience. If something breaks, how much can you keep running—30%? 80%? That’s the new benchmark for security.

Sophisticated CISOs are translating technical needs into business impact. They know which systems matter most—EPIC, Cerner, MRI machines—and they protect accordingly. Microsegmentation supports that thinking with business-aware policies and risk-aligned controls.

Zero Trust and Microsegmentation

Zero Trust gets a lot of airtime, but at its core, it’s about eliminating implicit trust. You don’t assume a device is safe just because it’s “inside.” You validate every request. You default to deny. You operate on a need-to-know basis.

That’s exactly what microsegmentation does. It takes the philosophy of Zero Trust and applies it to your network. It ensures only the right systems can talk to each other—and only in the way they’re supposed to.

Adoption, however, has been slow because of visibility gaps. Teams don’t always know what should be talking to what. That’s why we built capabilities like a single-pane-of-glass view, a policy framework, and retroactive modeling, so you can test before you enforce.

Start small. Block SSH and RDP ports. Then expand. You don’t need to boil the ocean.
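To make "test before you enforce" and "start small" concrete, here is an added example (not ColorTokens code or part of the original post) that replays recorded east-west flows against two policy stages and reports what each would block, without enforcing anything. The addresses, segments, jump-host exception, and allowlist entries are all constructed assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample of observed east-west flows: (src, dst, proto, dport).
FLOWS = [
    ("10.0.1.10", "10.0.2.20", "tcp", 5432),   # web -> db
    ("10.0.1.10", "10.0.2.20", "tcp", 22),     # web -> db over SSH
    ("10.0.9.5",  "10.0.2.20", "tcp", 22),     # jump host -> db over SSH
    ("10.0.3.30", "10.0.1.10", "tcp", 3389),   # workstation -> web over RDP
    ("10.0.3.30", "10.0.1.10", "tcp", 443),    # workstation -> web
    ("10.0.3.30", "10.0.2.20", "tcp", 5432),   # workstation -> db directly
]

# Hypothetical segments and policy stages (assumptions, not from the page).
JUMP = ip_network("10.0.9.0/24")
WEB, DB, USERS = (ip_network(n) for n in ("10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"))
ADMIN_PORTS = {22, 3389}

# Stage 2 allowlist: (source segment, destination segment, proto, port).
ALLOW = [(USERS, WEB, "tcp", 443), (WEB, DB, "tcp", 5432), (JUMP, DB, "tcp", 22)]

def stage1(src, dst, proto, dport):
    """Start small: deny SSH/RDP unless it originates from the jump segment."""
    if proto == "tcp" and dport in ADMIN_PORTS and ip_address(src) not in JUMP:
        return "deny"
    return "allow"

def stage2(src, dst, proto, dport):
    """Default deny: a flow passes only if an allowlist entry matches it."""
    for s_net, d_net, p, port in ALLOW:
        if ip_address(src) in s_net and ip_address(dst) in d_net and (p, port) == (proto, dport):
            return "allow"
    return "deny"

def simulate(policy, flows):
    """Replay recorded flows against a policy without enforcing anything."""
    verdicts = [(flow, policy(*flow)) for flow in flows]
    would_block = [flow for flow, v in verdicts if v == "deny"]
    return Counter(v for _, v in verdicts), would_block

if __name__ == "__main__":
    for name, policy in (("stage1", stage1), ("stage2", stage2)):
        counts, blocked = simulate(policy, FLOWS)
        print(name, dict(counts))
        for flow in blocked:
            print("  would block:", flow)
```

Reviewing the "would block" list before enforcement is where legitimate but undocumented dependencies surface; the direct workstation-to-database flow only shows up once the default-deny stage is modeled.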

AI and the Road Ahead

AI changes the game, especially for attackers. Spoofing identities. Automating reconnaissance. Generating personas in seconds.

That’s why we want to double down on:

  • Anti-phishing capabilities to counter AI-driven social engineering
  • Non-human identity protection for agentic workflows and service accounts
  • Cloud and API security for AI workloads running in ephemeral environments

Here too, microsegmentation will continue to play a key role in minimizing risk, isolating threats, and safeguarding both human and non-human identities.

What We’re Bringing to RSAC

If you’re heading to San Francisco, let’s keep this conversation going in person. Swing by Booth #2027, South Expo Hall, Moscone Center (April 28 – May 1). We’ll show live demos of:

  • Wall-to-wall microsegmentation—agent-based and agentless
  • OT-in-a-Box: a working industrial control system protected in real time
  • PureID’s passwordless authentication that sidelines phishing altogether

Our OT partners, global SIs, and product engineers will be on stage throughout the week. Bring your hardest segmentation question; we’ll map out a path that won’t overwhelm, whether you want a gradual rollout or an overnight lockdown.

Final Word: Don’t Be Afraid to Start—And Let’s Keep the Conversation Going

Microsegmentation has a reputation for being complex. But we’ve made it simple. You can start small or go big. Use the tools you already have. Move at your pace. Just don’t be afraid to start—because the threats aren’t waiting. And with the right approach, you can be breach ready, by design.

This post just skims the surface. For the full conversation, tune in to the TechSpective podcast linked above. Or you can watch the video below.

Until then, remember: stopping the first breach is great; stopping the second, third, and fourth hop is how you stay in business.

Curious how to get started? Let’s talk.