It’s one of the biggest questions in cybersecurity of 2021, and it’s sure to stay on the minds of countless companies into next year, too: How do you prevent a software supply chain attack?
Such attacks have soared by 650% since mid-2020, due largely to infiltration of open source software, according to a recent study by Sonatype.
But an even bigger driver of the question, of course, has been the unprecedented attack on SolarWinds and customers of its Orion network monitoring platform. In the attack, threat actors compromised the platform with malicious code that was then distributed as an update to thousands of customers, including numerous federal agencies.
Addressing supply chain attacks
The one-year anniversary of the attack’s discovery is on Monday, but the answer for how to stop the “next SolarWinds” attack doesn’t seem much clearer now than it did in the wake of the breach.
Perhaps that’s because it’s the wrong question.
Peter Firstbrook, a research vice president and analyst at Gartner, has experience trying to answer this question because he’s been asked it a lot. However, in terms of stopping the impacts from a software supply chain attack, “the reality is, you can’t,” he said last month during Gartner’s Security & Risk Management Summit — Americas virtual conference.
While companies should perform their due diligence about what software to use, the chances of spotting a malicious implant in another vendor’s software are “extremely low,” Firstbrook said.
But that doesn’t mean there’s nothing to be done.
While technology that offers guaranteed protection against the impacts of software supply chain breaches may never exist, solutions for zero-trust segmentation may be the next best thing, said James Turgal, a vice president at cybersecurity consulting firm Optiv.
Prior to Optiv, Turgal spent 22 years serving in the FBI, including as executive assistant director for the bureau’s Information and Technology Branch. There, he saw first-hand the types of cyber strategies that are most effective at disrupting attackers.
One of the biggest takeaways, Turgal said, is that the harder you can make it for attackers to transit through environments, the safer you’ll be. “I’ve interviewed these guys. Most of them are lazy as hell,” he said. “Making it harder for them to move across networks is really helpful.”
That’s where zero-trust segmentation comes in. The idea is to divide a company’s cloud and datacenter environments into different segments — all the way down to the level of the individual workload — each of which can be locked down with its own security controls. For a business, segmenting its architecture in this way — while also using zero-trust authentication that continuously verifies a user’s identity — can make it “harder for the bad guys to move through networks and move laterally,” Turgal said.
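To make the segmentation idea concrete, here is an added example (not from the article, and not code from Illumio or Optiv) that models a small, constructed set of workloads and computes how many of them an attacker who already controls the monitoring server could reach under a flat network versus a default-deny allowlist; every workload name, port and rule is hypothetical.

```python
from collections import deque

# Constructed sample inventory (hypothetical): each workload and the ports it listens on.
WORKLOADS = {
    "monitoring-server": {8443},
    "web-frontend": {443},
    "app-server": {8080},
    "database": {5432},
    "hr-fileserver": {445},
    "build-server": {22},
}

# Constructed allowlist for the segmented case: (source, destination, port).
# Default is deny; only these flows are permitted between workloads.
ALLOW_RULES = {
    ("monitoring-server", "web-frontend", 443),  # health check of the frontend
    ("monitoring-server", "app-server", 8080),   # health check of the app tier
    ("web-frontend", "app-server", 8080),        # frontend calls the app tier
    ("app-server", "database", 5432),            # app tier queries the database
}

def flat_policy(src, dst, port):
    """Flat network: any workload may reach any other on any listening port."""
    return True

def segmented_policy(src, dst, port):
    """Zero-trust segmentation: a flow is allowed only if explicitly listed."""
    return (src, dst, port) in ALLOW_RULES

def blast_radius(compromised, policy):
    """Workloads reachable from `compromised` by chaining permitted flows.
    Defender's worst-case view: every permitted flow counts as a path for lateral movement.
    """
    reached = {compromised}
    queue = deque([compromised])
    while queue:
        src = queue.popleft()
        for dst, ports in WORKLOADS.items():
            if dst not in reached and any(policy(src, dst, p) for p in ports):
                reached.add(dst)
                queue.append(dst)
    return reached - {compromised}

if __name__ == "__main__":
    # A compromised monitoring server is the SolarWinds-style scenario.
    for name, policy in (("flat", flat_policy), ("segmented", segmented_policy)):
        print(name, sorted(blast_radius("monitoring-server", policy)))
```

Swapping in a real inventory and rule set (for example, exported host firewall or cloud security-group rules) turns this into a quick audit of which workloads a single compromised host can still reach.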
Reducing the blast radius
One fast-growing vendor that’s entirely focused on solutions for zero-trust segmentation is Illumio, which achieved a $2.75 billion valuation in June in connection with its $225 million series F funding round.
Founded in 2013, Illumio offers segmentation solutions for both datacenter and cloud environments, with the addition of its cloud-native solution in October. The Sunnyvale, California-based company expects to reach “well north” of $100 million in annual recurring revenue this year, according to Illumio cofounder and CEO Andrew Rubin.
When it comes to segmentation, Illumio’s solutions were in fact successfully used by customers that were impacted by the SolarWinds compromise to protect against further damage from the attackers, Rubin said.
During the attack campaign, “we had customers that were running that [SolarWinds] infrastructure and used us to segment that problem off from the rest of their environment,” Rubin said in an interview with VentureBeat. “I can tell you that segmentation was an effective security control for reducing the blast radius of that problem.”
What Illumio offers with zero-trust segmentation is actually very similar in principle to the approach that’s been taken to slow the spread of COVID-19, he noted. “The fact is that if we can stop it from spreading, that’s an unbelievably effective way to control the damage,” Rubin said. “We knew we couldn’t prevent the initial problem, because we already missed that. But we knew that we did have the ability to change how quickly and how pervasively it spread.”
In many ways, he said, the cybersecurity industry “is now appreciating the value of that storyline by saying, ‘We’re going to stop a lot of things — but we can’t stop everything. So let’s try to do a really good job of controlling the blast radius when they occur.’”