Illumio CEO on Fighting Ransomware via Endpoint SegmentationAndrew Rubin on Contrasts Among Segmenting Endpoints, Servers and Cloud Workloads
Illumio has extended its segmentation capabilities from servers and workloads to endpoints to minimize damage in the event of a ransomware attack, CEO Andrew Rubin says.
The Silicon Valley-based company can now stop the spread of breaches and ransomware inside servers, cloud workloads and endpoints. But unlike servers, users often connect their endpoint devices to Wi-Fi in unsecure locations such as an airport or a Starbucks, meaning Illumio needed to enhance its policy engine. In both cases, he says, the spread of ransomware is thwarted due to the elimination of lateral movement (see: Cybersecurity Leadership: Cut Through the Zero Trust Hype).
"Many of our customers will use Illumio Core to ring-fence or segment a crown jewel application or asset," Rubin says. "That's a server or a cloud workload use case whereas on the endpoint, one of the most common uses is simply stopping one endpoint from talking to other endpoints. Although those two use cases are very similar in the benefit, they're expressed very differently in terms of the policy."
In this video interview with Information Security Media Group, Rubin also discusses:
- What's different about segmenting an endpoint versus a server or cloud;
- The relationship between zero trust assessments and microsegmentation;
- How Illumio's approach to microsegmentation differs from rival Akamai.
Rubin, who is responsible for Illumio's overall strategy and vision, has deep expertise in segmentation, network security and regulatory and compliance management, and he is a frequent participant in panels, articles and podcasts. Rubin also is a member of the board of directors for email security platform company Armorblox. Prior to co-founding Illumio in 2013, he spent nearly nine years at intrusion detection vendor Cymtec, where he was president and head of worldwide field operations.