Why you need to segment your network for security

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

Pen tester Mark Wolfgang argues segmenting for security is a key piece of an overall defense-in-depth strategy. Here he explains why and how to accomplish it in your organization (registration required)

My job over the last thirteen years as a penetration tester has given me a unique understanding of security from an attacker's point of view. I have conducted hundreds of penetration tests on organizations ranging from Federal government nuclear weapons labs, to banks, city governments, and practically everything in between. I know what makes an attacker's job easy, and what makes it difficult or practically impossible. I am oftentimes surprised that in 2014, I can gain access to one server or workstation, and use it to traverse the entire network, unhindered at the network layer.

[Security tactic might have helped battle foreign ministry hacks]

I'm shocked that close-circuit television (CCTV) systems, alarm systems, building access control systems, and manufacturing process control systems are just "hanging out" on the corporate network for all to see. I recently conducted an assessment on a very large city. They had a flat and permissive internal network, meaning there were virtually no barriers between their different systems.

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
Insider: How a good CSO confronts inevitable bad news
Join the discussion
Be the first to comment on this article. Our Commenting Policies