https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Zero trust security

Why Threat Detection Needs Zero-Trust Segmentation

  • Written by John Skinner
  • October 13, 2021
Segmenting the network as part of a security strategy can make it easier to detect threats.
Illumio's John Skinner

John Skinner

Over the last decade, cybersecurity has become infinitely more complex. Consequently, many organizations have turned to managed security services providers (MSSPs) to help protect them. Up until now, their focus has been almost entirely on threat detection and response, but that decision has had some negative, unintended consequences.

For most organizations – commercial, nonprofit or public sector – cybersecurity isn’t a core competency. That’s why many have outsourced some or all of it to an MSSP. And that outsourcing doesn’t just include security operations; it’s often the entire cybersecurity function, including purchasing and strategic planning.

When the client of an MSSP has a high-profile security breach, like a widespread ransomware attack, the ensuing conversations aren’t pleasant. The entire reason a company outsources its security function to an MSSP is to avoid those outcomes and their attendant publicity, cost and damage to the brand.

AI: Panacea, or a Tool that Needs Assistance?

Many vendors have convinced organizations that the answer to their prayers is AI-based threat detection. They’ve been led to believe that if they just spend enough money on AI, they’ll catch those ultra-sneaky attackers. They’ve gone down an AI-based detection rabbit hole, but the results they were expecting haven’t materialized. They haven’t happened.

While I agree that AI-based threat detection is a major step forward for our industry, it needs some assistance to get the job done. Enter zero-trust segmentation.

If you presegment the network before you go threat hunting, the task of detection – be it AI-assisted or not – becomes much simpler and faster. You reduce the size of the attack surface where you need to look for threats. Pre-emptive segmentation eliminates many of the pathways that would otherwise enable attackers to move laterally across the internal network.

The metaphor I use is rather than looking for one needle in one big, complex haystack, you create lots of micro haystacks. Then your tools can look inside these micro haystacks in parallel, so you’re likely to find that needle much sooner.

What a Ship Can Teach Us About Segmentation

Years ago, in my first active duty assignment as a U.S. Navy midshipman, I boarded the USS McCloy, whose primary mission was to hunt, detect and deter enemy submarines off the U.S. coastline. I had just finished my first year of college as an electrical engineering major and was training to become an officer in the U.S. Navy. I couldn’t wait to learn about the Navy’s sophisticated enemy submarine detection technology and meet members of the McCloy’s elite threat-detection team.

So, imagine my surprise on the first day when I was handed some wrenches and screwdrivers, paired with a fellow crew member, and assigned the task of ensuring all 30 or so steel “hatches” (aka doors) on the McCloy were ship-shape. And if they weren’t, to make any repairs. So much for helping my shipmates hunt down malicious adversaries!

As I went about my mission, I thought about the phrase “batten down the hatches.” It originated in the 19th century when, at the onset of a major storm or other risk of water breach, ship captains would order their crew to close all doors on the ship and barricade those doors with wooden rods or “battens.” Today, this phrase is a metaphor for the wisdom of taking immediate and decisive action at the onset of any major risk.

I came to appreciate that all the McCloy’s elite tech and threat-hunting experts would be at risk of failing their mission if the McCloy’s hatches weren’t there to protect them. Thanks to the McCloy’s built-in segmentation architecture and well-functioning hatches, a hull breach would not escalate into lateral spread of water from hallway-to-hallway, and from room-to-room, sinking the ship.

The Cyber Equivalent of Battening Down the Hatches

In the 1990 movie “The Hunt for Red October,” the Red October was a Russian submarine with the most advanced detection avoidance technology. In today’s cyber equivalent, we’re not hunting for elusive submarines, but for increasingly stealthy and sophisticated cyber-adversaries in electronic networks.

Cyber threat hunters must segment their networks with electronic “hatches” to prevent the lateral movement of intrusions. If you have a breach in your network, you don’t want malware or ransomware to spread, which is why you must divide the network into individual compartments that function as barriers.

Segmentation is a security tool, in addition to managed detection and response (MDR) that MSSPs can offer as a service — zero trust segmentation as a service.

In my next blog, I’ll further explain why segmentation (and, more specifically, host-based segmentation) is a perfect complement to robust managed detection and response. It’s not only good for MSSP clients, but good for the MSSP as well.

John Skinner is vice president of business development at Illumio, a pioneer of zero-trust segmentation. Previously, he was VP of global business development and APAC sales at Shape Security, helping to drive the growth that culminated in the company’s acquisition by F5 Networks, served as the VP of business development at HyTrust and led several technology integration teams at Intel. He holds an MBA from Rutgers, a certificate in AI from DeepLearning, and a bachelor’s degree in electrical/computer engineering from Cornell, where he is a guest lecturer on technology monetization. You may follow him on LinkedIn or @illumio on Twitter.

Tags: MSPs Analytics Best Practices MSSP Insider Security

Most Recent


  • td synnex ciso
    The Gately Report: TD Synnex CISO on Protecting the World's Largest Distributor
    Apria Healthcare takes years to report massive data breach.
  • ransomware attacks
    Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed
    Veeam’s 2023 Ransomware Trends Report shows many pay ransom but don’t always recover.
  • call for speakers
    Channel Futures Leadership Summit Call for Speakers Open
    Speaker applications for “The New Style of Leadership” are open until July 3.
  • Kasten K10 V 6.0
    Veeam Previews Enhanced Kubernetes Protection, Security with Kasten K10 V 6.0
    Veeam showcased forthcoming release at the annual VeeamON conference in Miami.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • network
    Seamlessly Connecting and Securing a Work-from-Anywhere World with ZTNA and SD-WAN
  • data theft
    SnapMC Rapidly Steals Data, Demands Payment Without Ransomware
  • Scary hacker
    Ransom Disclosure Act Aims to Help Feds Fight Cybercrime
  • Data Leak
    Amazon's Twitch Suffers Data Leak, Users Called 'Disgusting Toxic Cesspool' by Hackers

Upcoming Events

View all

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Galleries

View all

The Gately Report: TD Synnex CISO on Protecting the World’s Largest Distributor

May 30, 2023

Survey: Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

May 26, 2023

Faces of the Partner: 6 New Tech Advisors Entering the Channel

May 26, 2023

Industry Perspectives

View all

Dell Technologies World: Dell Apex Expanded Across On-Premises, Cloud and Edge

May 22, 2023

Identity Is Increasingly Valuable – and Targeted

May 18, 2023

Gaining a Competitive Advantage through AV Managed Services

May 10, 2023

Webinars

View all

From Problem to Profit: Mastering the Science of Selling Using Business Outcomes

May 9, 2023

Meet the 2023 Channel Futures Channel Influencers

April 13, 2023

DE&I Dialogue: How the Right DE&I Initiatives Can Propel Your Business

April 5, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode No. 123: MartinWolf M&A Advisors, CP Expo Preview

UScellular Takes On Rivals with Partner Program Simplicity

April 21, 2023

OpenText Simplifying Deal Registration, Doubling Down on MDF

April 21, 2023

Everything-as-a-Service: CloudBlue Touts Critical Customer Transition

April 18, 2023

Twitter

ChannelFutures

Our latest #GatelyReport includes a Q&A with @TDSYNNEX CISO Dan Lasher, #cyberattack in Augusta, Georgia, Apria Hea… twitter.com/i/web/status/1…

May 30, 2023
ChannelFutures

Who has been a diversity, equity & inclusion role model in your career? Take a moment to honor their initiatives in… twitter.com/i/web/status/1…

May 29, 2023
ChannelFutures

Paul Green @msp_voice will help MSPs gain more #customers and #sales at @ChannelEurop June 13.… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

.@coalesceIO unveils revamped partner program. #datatransformation dlvr.it/SphJm4 https://t.co/s7fYAVmFGD

May 26, 2023
ChannelFutures

.@Veeam #Ransomeware survey: backups are not adequately protected, 85% suffered at least 1 attack in past year… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

.@MSPSummit call for speakers is open now through July 3. The theme for this year’s summit is “The New Style of Lea… twitter.com/i/web/status/1…

May 26, 2023
ChannelFutures

Channel Futures interviewed six individuals who started an agency in the last two years. dlvr.it/SpgV6l https://t.co/JXKhJcw31A

May 26, 2023
ChannelFutures

Channel Futures interviewed six individuals who started an agency in the last two years. dlvr.it/SpgTQg https://t.co/7eIp0XgwQ2

May 26, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X