Like many families, at the Enterprise Networking family reunion, you’ll find precocious toddlers, wild uncles, steady parent figures, and wise grandparents.
Gartner’s influential reports, the Hype Cycle for Enterprise Networking, 2024, and The Hype Cycle for Zero Trust Networking, 2024 have recently been published. These reports categorize various technologies in the Enterprise Networking family based on their position in the cycle, from innovation to inflated expectations, through the trough of disillusionment, up the slope of enlightenment, and finally onto the plateau of productivity.
As you can see in the figures below, microsegmentation is now well into the slope of enlightenment in both categories. Gartner predicts that in less than two years, it will be on the plateau of productivity. No longer solely the purview of early adopters, microsegmentation is delivering on its promise for mainstream enterprise use cases. Indeed, it’s all grown up.
At ColorTokens, we are seeing that prudent CISOs, CIOs, Risk Managers and Infrastructure Leaders now consider microsegmentation a fundamental technology necessary to protect their critical digital operations.
Pull up a lawn chair and grab a beer. Let’s talk for a minute.
Consider this simplified version of the typical attack framework below. In the first phase, the hacker is researching the dark web to prepare the attack. You can’t do anything about this, it’s outside of your enterprise. By the fourth phase, it’s too late, the hacker has encrypted your data or exfiltrated it. Industry statistics tell us that most investments in cybersecurity are spent in the second attack phase, trying to prevent a breach. But the fundamental problem in cyber defense is that the law of large numbers favors the attacker—the hacker only needs to be right once, while the defender must be right every time. Since eventually a breach is inevitable, it’s the third phase, where the attacker seeks to spread the attack laterally throughout your enterprise, where your cyber defense strategy can have the greatest impact.
It’s high time we recognized that cyber defense can no longer rely solely on breach prevention strategies. The need of the hour is a proactive approach focusing on breach readiness. Recent history has taught us that despite all your perimeter defenses, some employee will click on a malicious link or succumb to MFA prompt bombing in the middle of the night, resulting in a breach. This is where microsegmentation comes into play. It offers a strategy that postures the enterprise for resilience by design. It does this by preventing the lateral spread of a breach after an initial compromise, isolating critical digital operations, and quarantining compromised systems. It allows valid business processes to proceed while stopping unauthorized traffic. In a phrase, microsegmentation prevents a breach from becoming a crisis.
Microsegmentation is the latest generation of network segmentation strategies. It’s called micro because it’s more granular than traditional network segmentation in that traffic policy is defined by micro-perimeters around every asset. First-generation hardware-configured VLAN segmentation and ACLs (Access Control Lists) do not adequately address the lateral propagation of a breach within the VLAN zone. In addition, microsegmentation is more agile because it is software-defined, not hardware-defined. Centrally controlled from the administrator user interface, it offers one policy decision point controlling many policy enforcement points. Templates can be invoked automatically to isolate critical systems, and quarantine compromised ones in case of a breach.
One caveat about implementing microsegmentation: the deployment should cover all types of assets and endpoints in the enterprise landscape. If enforcement is not pervasive for all asset types, it won’t prevent a breach from spreading. Hackers will just walk around the gate if it is not part of a continuous fence. ColorTokens offers zero trust policy enforcement pervasively throughout the enterprise landscape. It covers data center servers, user endpoints, Kubernetes containers, cloud workloads, Internet-of-Things devices, Industrial Control Systems/Operational Technology, and even legacy operating systems. It flexibly uses both agent-based and agentless policy enforcement points for the different use cases, all through a unified administrator console.
For all these reasons, we agree with Gartner about the position of microsegmentation. We believe you should move up the slope of enlightenment and invite microsegmentation to the party. So, let’s get together at your next cybersecurity barbeque and discuss how ColorTokens can be your steady partner in helping you make your enterprise breach ready. We’ll have relish and mustard on our hot dog, please.
