Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

9/30/2019
09:00 AM
Connect Directly
Twitter
RSS
E-Mail

8 Microsegmentation Pitfalls to Avoid

Don't fall victim to these common mistakes on the path to developing better security boundaries and limiting the blast radius of security incidents.
2 of 9

Overly Complex Metrics
'The biggest mistake you should strive to avoid here is adding unnecessary complexity. The simpler a solution is, the less room there is for a costly mistake that could lead to a breach. This also makes it easier for new employees to be brought up to speed on managing your solutions, applications, and services.'
-Marc Laliberte, senior security analyst, WatchGuard Technologies

Image Source: Marc Laliberte/WatchGuard Technologies

Overly Complex Metrics

"The biggest mistake you should strive to avoid here is adding unnecessary complexity. The simpler a solution is, the less room there is for a costly mistake that could lead to a breach. This also makes it easier for new employees to be brought up to speed on managing your solutions, applications, and services."
Marc Laliberte, senior security analyst, WatchGuard Technologies

Image Source: Marc Laliberte/WatchGuard Technologies

2 of 9
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
ArielZ999
50%
50%
ArielZ999,
User Rank: Author
11/7/2019 | 4:55:18 AM
Micro-segmentation is scary
From my experience the truth is that simple segmentation and zoning is very hard in todays environments - people are struggling to separate PROD from DEV in anything but non trivial environments. let alone doing smth that is even close to micro.
The biggest mistake that people make, imho, is that they try to move from 0 to 100 and the comlexity vs. the marginal benefit over a much more modest segmentation goals is what kills the project, unfortunatelly for many years in an organization, once they fail it will take them a long time to try again. And frankly for most organizations it seams so "unachievable" that they do not even start doing it. 
My recommendation is to define modest goals such as separate prod from dev and select ~10-20 of you most cirital apps to ring-fence this achievable especially if leveraging the modern micro-segmentation technologies and you will be in a much much better place from your risk perspective. 
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I've never actually seen the corporate ladder before.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18898
PUBLISHED: 2020-01-23
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14...
CVE-2019-19837
PUBLISHED: 2020-01-23
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests.
CVE-2020-7210
PUBLISHED: 2020-01-23
Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.
CVE-2019-19835
PUBLISHED: 2020-01-23
SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI.
CVE-2020-5216
PUBLISHED: 2020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injected leading to limited header injection. Upon seei...