The State of Security Segmentation - How organizations protect against lateral movement
Security incidents are inevitable. Motivated attackers will find their way in. They might rely on clever pieces of never-before-seen malware, effective phishing campaigns that yield employee credentials, containers left exposed to the internet or invariably, vulnerable software.
What else have we come to accept? That attackers, once inside, seek to move laterally, looking to steal important intellectual property or sensitive customer information. Perhaps they merely want to lock up data with ransomware that moves laterally on its own or worse, destroy sensitive information. At this stage, when attackers begin to move laterally, a small security incident can transform into a full-blown breach.
Savvy organizations have further invested in modern defence-in-depth, including segmentation to stop attackers from moving laterally (or “east-west” as the kids call it), so they are left with no place to go.