https://ift.tt/x75CQJq
Zero trust segmentation vendor Illumio believes that in today’s cyber security landscape, it’s important to assume a breach has already happened, even if one hasn’t happened yet.
Speaking to ARN, Illumio director of channel sales Johann Ramchandra and senior vice president of global partner sales and alliances Todd Palmer stressed that end-users must accept that breaches were inevitable, but managed service providers (MSP) play a valuable role in helping to always identify and protect their most critical assets.
A spate of massive data breaches that have caused significant pain for organisations and an increased focus on government regulations and security frameworks has led to interest in segmentation.
“Visibility and segmentation are essential in these frameworks, regardless of who’s creating them. In the last year, the reception from our partners has been phenomenal,” said Ramchandra.
Customers need help, with many having spent heavily on preventative technology, but companies are still getting breached and losing money, Palmer said.
“They’re looking to integrate segmentation into the reference architectures they’re selling to their customers because it’s the missing piece in securing and de-risking their organisations,” he said.
According to Ramchandra, the “assumed breach” mindset is something more partners and customers are adopting.
“The days of putting all your eggs in one basket with prevention are over,” he said. “Companies realise that mindset needs to change.
“One core part of the zero trust framework is this assumed breach philosophy. We’re seeing partners talk not only about technologies but also services centered around that idea.”
Palmer said zero trust however can be misidentified, with some security companies branding themselves as zero trust technology.
“It’s not a technology, it’s a framework,” he said. “There are three key pillars that includes, identifying all users accessing your systems, giving those users the rights to access specific applications and providing visibility and segmentation throughout your core systems and networks.”
Selective partners
In Australia, 2023 was a big year when it came to government policy with Home Affairs announcing a cyber strategy plan, going through to 2030.
“Zero trust [was] a major component,” said Ramachandra. “While we see some customers, especially in regulated industries, making quick progress, the broader market still has a long way to go. But the momentum is growing, and government pressure is helping.”
This is why Illumio needs channel partners that can make architectural recommendations to clients, as well as integration capabilities.
Palmer said from a global perspective, “we don’t want to be over-distributed”.
“We’re being selective with partners because segmentation is still evolving and we want to work with partners who are highly respected and technically skilled,” he said. “For now, we want partners who will help drive change and do things differently.”
This was the same for its Australia and New Zealand (A/NZ) channel strategy, said Ramachandra.
“The tasks we ask of our partners aren’t easy,” he said. “There’s pre-project work, reselling technology, integration and even managed services. We can’t spread ourselves to thin so it’s a matter of quality over quantity.”
Ramachandra added Illumio is focused on zero trust segmentation, with it having an integration strategy with vendors like Okta, Zscaler and Netskope who are also working towards delivering zero trust outcomes for their clients.
“We also partner with data protection companies and even legacy providers because segmentation is needed across the board,” he said.