Lack of segmentation exposes enterprise networks to risk
Segmentation is an approach that separates critical areas of the network to control traffic, prevent lateral movement, and ultimately reduce the attack surface.
But according to a new study from Guardicore -- based on a survey of over 1,000 IT decision makers by Vanson Bourne -- while 96 percent of organizations claim to be implementing segmentation in their networks, only two percent are segmenting all six mission-critical asset classes, including critical applications, public-facing applications, domain controllers, endpoints, servers, and business critical assets/data.
Traditionally, segmentation is done using an architectural approach -- relying on hardware, firewalls and manual work. But this can often prove cumbersome and labor intensive, which is a contributing factor in 82 percent of respondents saying that network segmentation is a 'huge task'.
"The findings of the report demonstrate just how valuable a strong segmentation strategy can be for organizations looking to reduce their attack surface and stop damaging attacks like ransomware," says Pavel Gurvich, SVP of Akamai Enterprise Security (former CEO of Guardicore). "In the past, implementing segmentation on the infrastructure level was difficult, but we see lots of interest in and opportunity for organizations to implement software-based segmentation which significantly simplifies deployment and accelerates projects. Software-based segmentation will be a key security approach in adopting zero trust frameworks and urgently protecting against ransomware in the coming years."
Despite 96 percent of respondents claiming segmentation is implemented in their networks, 75 percent say their organization uses segmentation across two or fewer mission-critical areas that businesses need to protect, with 50 percent claiming to segment just one mission-critical area.
Respondents identify external attacks spreading more quickly (49 percent) and internal attack ease (44 percent) as the most likely risks arising from unsegmented networks.
Organizations surveyed faced an average of 43 ransomware attacks in the last 12 months. 14 of those attacks reached the stage of lateral movement, suggesting that the segmentation protections in place are not as strong as they could be. The average time required to limit lateral movement and prevent ransomware attacks is 32 percent lower for organizations with four or more of their mission-critical assets protected, compared to those with none or just one protected by segmentation.
The full report is available from the Guardicore site.