In a earlier submit, I dove into some survey outcomes to clarify why segmentation has developed right into a foundational idea for community safety. Particularly, I mentioned how a twin segmentation method—deploying each macro- and micro-segmentation—helps organizations improve their community safety.
However implementing this twin method isn’t easy. There’s no “field” or single product that one can buy. Neither is there a single method that may be modeled as a finest follow for each use case. As a substitute, organizations are having to depend on a number of segmentation strategies. Sadly, this lack of readability can add complexity to an already advanced state of affairs. The outcome? Many, too many, segmentation tasks fail.
The information backs this up. In accordance with our survey outcomes, 94% of organizations are at present going through segmentation challenges, which vary from technical to non-technical points. Let’s dig deeper into the remainder of the report to know why organizations are going through these challenges and the way they will mitigate their affect.
Challenges Inhibiting Segmentation Tasks
Understanding the challenges organizations face will ease the transition from keen on complete segmentation implementations, permitting organizations to speed up their progress by way of their segmentation journeys. Sadly, this sense of frustration has turn out to be an epidemic. Along with the 94% of survey respondents who report going through challenges, 87% of respondents point out that their segmentation course of requires enchancment. The most typical challenges holding them up embody the complexity of their environments, an absence of visibility into these environments, and a failure to realize context into communication workflows between techniques.
1. Advanced Environments
In accordance with the report, the principle problem impeding segmentation tasks is the complexity ensuing from the mixture of hybrid IT, cloud, containers, and legacy techniques (54%). Managing in opposition to this complexity requires organizations to observe a typical framework to create community segmentation areas, then focus their time and sources on discovering options for edge use instances. Clearly, it’s important to deploy community safety applied sciences that span all these environments (on-premises, cloud, hybrid cloud, containers, SaaS, and so forth.) to get to a completely segmented setting.
2. Lack of Asset Visibility
The second principal problem is the shortage of visibility into community property (32%). And this is sensible. You’ll be able to’t safe what you don’t find out about. Whereas some portion of this problem stems from the complexity of the setting, a good portion will also be attributed to the complexity of enormous organizations, the place folks, processes, and know-how are consistently altering. For instance, the aim of a homegrown utility within the knowledge middle might have been completely apparent to the IT group just a few years in the past. Nonetheless, after organizational modifications and the introduction of shiny new purposes, organizational reminiscence has possible dwindled to the purpose the place securing the appliance dangers disrupting enterprise workflows.
3. Lack of Perception Into Communication Flows
A restricted understanding of how disparate customers, gadgets, purposes, and companies join and work together with one another makes it troublesome to create, apply, and implement segmentation insurance policies. In actual fact, the third most urgent problem is issue figuring out official communication flows between techniques (32%). Organizations want context that goes past simply IP addresses. Conduct must be tied to id (whether or not they’re an precise individual, machine, or workload). Having a greater understanding of person and workload behaviors permits organizations to create rulesets that enable or disallow particular actions and behaviors. This allows safety techniques to, for instance, decide that an try by an HR workload to hook up with the open Web just isn’t regular habits, needs to be marked as suspicious, and blocked to stop knowledge exfiltration.
Overcoming Segmentation Challenges Allows a Proactive Safety Technique
Segmentation stays a foundational ingredient of enterprise safety. Nonetheless, many organizations have but to totally implement each macro- and micro-segmentation attributable to a sequence of challenges, together with an more and more advanced IT setting, an absence of visibility into particular person workloads, and an absence of context for distinguishing between regular and irregular behaviors. These blockers should be addressed if organizations need to implement a proactive safety technique.
In our subsequent weblog, I’ll define what the survey outcomes reveal about the advantages organizations obtain when their segmentation tasks succeed. Within the meantime, obtain the 2025 Cisco Segmentation Report to higher perceive the state of segmentation immediately.
We’d love to listen to what you suppose! Ask a query and keep related with Cisco Safety on social media.
Cisco Safety Social Media
