Microsegmentation proves its worth in ransomware defense

The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai.

Security organizations have responded to the recent rise in ransomware attacks by implementing zero trust and microsegmentation strategies. 99% of respondents who reported that they have deployed some form of segmentation have also deployed a zero trust security framework.

Zero trust and microsegmentation

Respondents overwhelmingly agreed that microsegmentation is an effective tool to keep assets protected, but deployment was lower than expected, with only 30% of organizations segmenting across more than two business critical areas.

Globally, the top obstacles to deploying microsegmentation are a lack of skills/expertise (39%) followed by increased performance bottlenecks (39%), and compliance requirements (38%). Almost all of those surveyed, no matter the sector, industry, or country, reported the same obstacles to slightly different extents.

Despite slow deployments, organizations that have persevered and implemented a microsegmentation strategy across six mission-critical areas reported recovering from an attack in an average of only four hours. That’s 11 hours faster than organizations that have only segmented across one critical area, underscoring the effectiveness of a zero trust strategy that utilizes microsegmentation.

“The cybersecurity landscape is always evolving and shifting based on the latest threat methodologies developed by cybercriminals. Whether it’s defending against ransomware, new zero-days, or sophisticated phishing attacks, it’s vital that organizations reevaluate their risks to protect their critical assets,” said Steve Winterfeld, Advisory CISO at Akamai. “One of the key ways to do this is with a zero trust architecture. That means utilizing a combination of zero trust network access and microsegmentation integrated as part of a clear security strategy supported by access to staff and partners with necessary skills.”

Globally, a majority of respondents aspire to go further and implement microsegmentation, which protects application workloads at a granular level: 89% say microsegmentation is at least a high priority, with 34% naming it as their top priority.

Furthermore, 97% of IT security teams and decision-makers report that it has been adopted by at least a minority of their industry. This number drops to 80% for those in the public sector (excluding healthcare) — a difference that may be attributable to tighter budgets and legacy infrastructure posing greater obstacles to deploying microsegmentation’s workload-level protection.

Enhancing public sector security with microsegmentation

But the public sector stands to benefit greatly from implementing advanced security techniques like microsegmentation. Because systems in this sector are not necessarily designed to interact with one another, they lack interoperability, which increases both the likelihood of human error and likelihood of a successful cyberattack.

Of all respondents, 93% claimed that microsegmentation is critical to help thwart ransomware attacks. Network downtime (44%), data loss (42%), and brand/reputation damage (39%) were the most common issues impacting organizations after a ransomware attack.

The US and Germany reported the most ransomware attacks over the past year, with the US at 115 and Germany at 110. India leads the way in segmentation, with 58% of organizations reporting more than two assets/areas being segmented, followed by Mexico with 48% and Japan with 32%.

Protecting and segmenting more assets immediately makes organizations more secure. Security teams are more able to identify attacks and can respond far more effectively. The implementation of immature or ill-defined segmentation strategies only likely increases an organizations risk — but when done right, segmentation is clearly worth all it takes to overcome obstacles and implement.