New Report Shows Enterprises Deploying Limited Segmentation Strategies Despite 92% of Security Leaders Claiming to Believe the Technology Prevented Cyberattacks from Causing Data Breaches
According to a new report, “State of Segmentation: Strong Implementations Reap Great Security Awards,” 96% of organizations claim to be implementing segmentation in their networks, yet only 2% of those organizations are segmenting all six mission-critical asset classes, including critical applications, public-facing applications, domain controllers, endpoints, servers, and business critical assets/data, with segmentation. Conducted by Vanson Bourne on behalf of Guardicore, now part of Akamai, the research surveyed 1,000 IT security decision-makers across seven countries, detailing current trends in segmentation across enterprises and the security advantages associated with strong segmentation implementations.
Segmentation is an IT approach that separates critical areas of the network to control east-west traffic, prevent lateral movement, and ultimately reduce the attack surface. Traditionally, this is done via an architectural approach - relying on hardware, firewalls and manual work. This can often prove cumbersome and labor intensive, which is a contributing factor in 82% of respondents saying that network segmentation is a “huge task.” Our research finds segmentation strategies are often limited in breadth and depth, in part due to the reasons mentioned above. Modern segmentation uses a software-based approach that is simpler to use, faster to implement and is able to secure more critical assets. The research shows that organizations that leverage the latest approach to segmentation will realize essential security benefits, like identifying more ransomware attacks and reducing time to mitigate attacks.
“The findings of the report demonstrate just how valuable a strong segmentation strategy can be for organizations looking to reduce their attack surface and stop damaging attacks like ransomware,” said Pavel Gurvich, SVP, Akamai Enterprise Security (former CEO of Guardicore). “In the past, implementing segmentation on the infrastructure level was difficult, but we see lots of interest in and opportunity for organizations to implement software-based segmentation which significantly simplifies deployment and accelerates projects. Software-based segmentation will be a key security approach in adopting Zero Trust frameworks and urgently protecting against ransomware in the coming years.”
Summary of Key Findings
Current Segmentation Strategies Are Limited: Despite 96% of respondents claiming segmentation is implemented in their networks, 75% say their organization uses segmentation across two or less mission-critical areas that businesses need to protect, with 50% claiming to segment just one mission-critical area. Many of these organizations have been feeling the repercussions of not adequately segmenting mission-critical assets. According to the survey, organizations faced an average of 43 ransomware attacks in the last 12 months. 14 of those attacks reached the stage of lateral movement, demonstrating that the segmentation protections organizations have in place are not as strong as they could be.
Leaving Networks Un-Segmented Invites More Enterprise Risk: 92% of respondents believe that network segmentation has prevented cyber-attacks on their organization from doing significant damage or stealing substantial amounts of data. This sentiment is why 96% of respondents believe that leaving networks unsegmented will lead to more risk. Further, respondents identified external attacks spreading more quickly (49%) and internal attack ease (44%) as the most likely risks stemming from unsegmented networks
Lack Of Segmentation Implementation Amid COVID-19: 43% of respondents say that network segmentation has either not occurred in their organization or not in the past two years. These statistics are meaningful, given the significant and sudden global shift to hybrid cloud environments as businesses adapted to remote work due to COVID-19. Based on the data, it’s possible that misconceptions around traditional segmentation approaches prevented security leaders from implementing segmentation projects in their new hybrid cloud environments. Fortunately for organizations, modern software-based approaches to segmentation are much easier to implement in these new IT environments and provide greater security benefits like north-west traffic control and process-level details.
Segmentation Stops Cyber Attacks: The average time required to limit lateral movement and prevent ransomware attacks is 32% lower for organizations with 4 or more of their mission-critical assets protected, compared to those with none or only one mission-critical asset protected with segmentation.
For more information on how to improve your organization’s segmentation implementations, visit: https://www.guardicore.com/
Guardicore, now part of Akamai, delivers easy-to-use Zero Trust network segmentation to security practitioners across the globe. Our mission is to minimize the effects of high-impact breaches, like ransomware, while protecting the critical assets at the heart of your network. We shut down adversarial lateral movement fast. From bare metal to virtual machines and containers, Guardicore has you covered across your endpoints, data centers, and the cloud. Our software-based platform helps you become more secure to enable your organization’s digital transformation.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211214005231/en/