Transcript
Hi, Mike Matchett with Small World Big Data. We are here at RSAC 2025. There's lots and lots of stuff going on here in the cybersecurity space. Lots of stories to tell about what's new, what's trending, what are the new things that people need to be looking out for? What are the new features they can take advantage of? I've got Trevor here from Illumio. And Trevor, let's just start a little bit by, what does Illumio do? It's sort of a really high level in this landscape.
Yeah. So we, um, we work with organizations to make sure that if they have an attack, it doesn't turn into a disaster. So, you know, I mean, the reality is, you know, we did some research with the Ponemon Institute and, you know, they sort of came back that 58% of the organizations surveyed had to halt operations due to a ransomware attack. And that's, you know, in this day and age, that's ridiculous. So what we do is we help them contain that attack to prevent it, you know, stopping them being able to do their business.
Okay. So, uh, is this a rapid response thing or something that's reactive? Is it something, how do people know that they're having a ransomware attack, even to begin with, and get you involved?
Well, I mean, there's several layers to that. Um, you know, so there's a lot of technology out there that helps you detect an attack. Um, you know, even if you detect an attack, you need to do something about it. So what we do is we apply zero trust principles, which controls exactly what can communicate with what. So you're, you know, you're obfuscating the rest of your environment to the attacker so they can only go down certain routes and paths. And if we, you know, that can be detected quite easily because it's, you know, a much smaller thing. Um, and then what we do is we put policy in place to prevent that then moving on further and, uh, and stopping it from, you know, getting to the most critical resources.
So, so really kind of implementing a response plan that can automatically take off.
Yeah. So you're effectively, um, really following the cybersecurity framework. So we're identifying where potential risks are. We're protecting and mitigating against those risks. And then when, um, you know, when an attack is detected, then we can dynamically change the policy to react to that attack and prevent it sort of getting to those critical assets.
Attacks are always evolving, as we're seeing here at the show. Like the threat envelope is always changing, and where the threat is coming from is always changing, too. And you guys are able to keep up with that?
Yeah, absolutely. I mean, the reality is that a lot of attacks are successful because of unpatched systems, because of weak passwords, because of, you know, lateral movement, because of open, high-risk ports. So, you know, so we actually help people do the fundamentals. So if you can do the fundamentals well, you can, you know, solve half the problem.
All right. Looking at the RSAC show broadly, there's a lot of, like, themes and trends going on here. What would you sort of pick out and call out and say something you've noticed?
Well, obviously AI, you know, so AI has replaced zero trust on everyone's everyone's. But actually last year I think it was OT. And this year AI, so there's all of that going on. But I think, you know, the overall shift is around, you know, there's a danger that there's too much shiny stuff here. So there are things going, oh, we can analyze the posture of third parties and things like that, when, you know, when it's things that people don't really need to do. What they need to do is solve the fundamentals. So there's, on one side, people who are saying, yeah, you know, fix the basic problems.
And then the other side saying, well, we've got this new shiny thing and, and I, you know, I think there is a danger that going down the shiny route too much is sort of, you know, the law of diminishing returns applies because you're never, ever going to hit 100% ability to stop, you know, to prevent an attack. So you have to sort of shift the focus onto mitigating what happens when you do have an attack.
All right. So let's talk about that. If the threat landscape is always changing and evolving and the tooling is always coming along looking shinier and shinier, but if you keep trying to stay too far ahead, you're never getting to the fundamentals. What would be your best advice for someone who's to sort of say, all right, I need to tackle the biggest chunk of that as I can. Where would you start?
I'd say take a breath, pause, look at the threats you have. You know, for instance, there's always the challenge with things like digital transformation. So, you know, everyone has become overexcited with being able to connect lots of things, OT things, into Ethernet switches. And they've gone, oh yeah, we can use VLANs and all that. Yeah. Don't do that. Buy another Ethernet switch. Keep it. You know, do the basics. Keep those networks completely separate.
Do some at least hardware hygiene.
Yeah. Do hardware hygiene. Network hygiene. Do all of that stuff first. Don't get sucked into the latest funky things. Do the basics first.
Yeah. Good. If someone wants to learn a little bit more about Illumio and your approach and your advice, what would you recommend they look at?
So visit Illumio.com. There's a lot of resources there. Um, there's a lot of information. You know, we keep it very rich in quite detailed content. Um, there's demos, there's videos, there's all sorts of things that are available, or just contact us.
RSAC. They've got a great orange booth here. Uh, check it out if you're coming on by. Otherwise.
Uh, Illumio.com. Thank you very much.
Yeah. Great.