Storage has always used architectures that split large amounts of something into smaller segments.
There are disks, drives, partitions, physical and logical volumes, and logical unit numbers (LUNs). Each represents a way to break big chunks of storage into bite-size pieces. Similarly in networking, the different areas of the network can be divided into sections as a sensible security strategy. This provides a great way of protecting data and storage systems from attack. If the bad actors get in one door, they may be able to do damage in that area, but they now have to break down further doors to access more data or systems.
Here are some of the top trends in network segmentation:
1. The promise of lift and shift sours
Many companies moved to the cloud on the premise that costs would be cheaper. They engaged consulting companies or partners to help them lift their existing applications and shift their applications, systems, storage, and backup systems to the cloud.
But doing the same exact thing from a different location doesn’t always have the tangible benefits that users hoped for, said Mike Bushong, group VP, cloud-ready data center, Juniper Networks.
He thinks the future will be decidedly more hybrid but not in the way that applications will dynamically move from on-prem to cloud and back. Applications that are not cloud native but that are still needed will likely stay where they are. New applications will be built with a specific hosting location in mind. And they will largely remain in the cloud.
“The move to the cloud will have given these companies a taste of cloud operations, and that will be enough to trigger a general adoption of cloud-like workflows and interfaces in on-prem infrastructure,” Bushong said.
“The promise of lift and shift has begun to sour.”
2. Responding to ransomware
Network segmentation is rising in profile as the number of ransomware attacks increases, along with their overall effectiveness.
U.S. banks processed $1.2 billion in ransomware payments last year. That’s triple what it was from the year before, and the total is expected to be even higher in 2022.
Roughly around half of all attacks are attributed to suspected foreign cyber hackers. Clearly, this poses huge security implications for the entire country.
Tarun Thakur, founder of data security platform company Veza, believes over-privilege is a huge part of the problem. He noted that current infrastructure lacks the necessary security measures that can help prevent bad actors from getting access to the data in the first place. Too many businesses do not have access and privilege management tools in place, creating serious implications for the customers they serve.
This applies to storage and backup systems. Ransomware is primarily about locking users out of systems and preventing access to their data. The bad actors go a step farther and infect backups to render them useless in the event of an attack. Thus, having data stored in different places with network segments in place makes it harder for cybercriminals to lock down all organizational data. This represents one strategy to limit the damage caused by ransomware.
3. Maximization of existing security stacks
The current economic climate dictates all enterprises become more efficient in their spending.
As a result, storage and security leaders are looking for ways to derive maximum value from their existing tech stack, rather than adding more point solutions to it.
Security automation, for example, is one way to unify existing security investments and harness their potential, enabling organizations to get more bang for the buck from them, said Leonid Belkind, co-founder and CTO of security automation firm Torq.
“Expect to see increasing pressure to maximize the value of existing security stacks,” Belkind said.
4. Proactive automation
Belkind with Torq also believes that the proactive footprint of security automation will continue to expand.
Rather than focusing on retroactively building workflows and processes based on historic attacks, security automation deployments will shift to a proactive approach to safeguard data and help prevent attacks before they happen. Part of this involves security teams harnessing early threat intelligence signals and building defenses against them into their workflows and processes.
“The result will be a comprehensive new offensive capacity framework that combines the entirety of the security stack into the most powerful protection approach to date,” Belkind said
5. No more dark corners
In addition, Belkind with Torq predicts that the security automation ecosystem will open up.
This will enable previously disparate security systems to talk to each other, so they can keep enterprise systems as well as storage and backup data secure.
His logic is simple: cybersecurity cannot exist in a vacuum. Systems, applications, and tools must become interoperable and interconnected. Security automation enables the seamless bridging of these systems, bringing them together under one roof, for comprehensive management, monitoring, and measurement.