Intelligent CISO Issue 46 | Page 79

other applications or databases on ports that ransomware will typically use, you can do this.
We have examples of customers who have experienced an attack where perhaps 10 servers get infected out of a thousand but, by using Zero Trust segmentation alongside other controls, they’re able to remediate, clean up, roll back and do all the things required to stop ransomware on those servers.
It means that instead of a breach where you’re losing data and it’s costing money, you’re stopping it there and then in its tracks.
While there isn’t a single silver bullet to stop ransomware, you need to go through several stages.
First, build your protection and have the capability to hit an automated big red button if you do detect ransomware. That brings the shutters down and stops everything from moving.
Then use the remediation controls that exist within your next-gen antivirus or your EDR to find where it is and remove it.
How can organisations ensure scalability of Zero Trust and how important is automation for this?
We always say, ‘don’t try and eat the whole elephant’. Do it a piece at a time. When looking at the origins of Zero Trust and the documents written around that at the start, it identified the need to identify the key assets that you want to protect.
Stop thinking about an attack surface and start thinking about a protected surface.
Once you’ve identified those things you want to protect, you can then effectively ring-fence them and isolate them in stages, starting with the things that are most important and then working through the others.
People get very daunted by Zero Trust as it can seem like a huge project, but if you take it slice by slice, you can do it in any organisation at any scale.
Trevor Dearing, Technical Director, EMEA, Illumio
How does Zero Trust segmentation also enable protection against other threats?
Everyone gets very focused on ransomware because it makes for some shocking headlines, but there are a lot of other attacks out there. Many use the same delivery mechanisms as ransomware so if we can stop those, we can stop any attack that uses that method.
Any attacker will want to get into an organisation, find high-value assets and attack, either stealing the data or blocking it or whatever it happens to be. So, by segmenting, you’re stopping that sort of activity from happening. It’s as valid for other attacks as it is for ransomware.
How does Illumio support CISOs to implement a robust Zero Trust strategy for ransomware prevention?
The key to what we offer is simplicity. We use the firewall within the workload to be able to control communication between any two workloads. By doing that, we can block and allow certain different types of traffic.
It’s done either from an automated perspective through an API or third party, or you have a map of your organisation where you can click on links and apply rules, or just apply a global rule that says, ‘stop RDP, stop SMB’, for example.
Zero Trust is different to traditional security, where in the past you were trying to identify what was bad and stop it. It’s now about identifying what is good and allowing it and that gives you a much easier population to approach.
Being able to do that with a couple of clicks of the mouse makes a difference.
With Illumio, once you’ve clicked, you’re away and the fact that you can test any rules that you put in place before you enforce them just makes that whole process much simpler.
www.intelligentciso.com