Honda Ransomware Attack a Lesson in Segmentation

Do you operate a ‘flat’ network? Maybe it’s time to look at putting some segmentation in place…:

[…] Chris Kennedy, CISO at AttackIQ, largely agrees that the scale of the operational disruption could come to have a significant impact on Honda, pointing out his belief that the company should pay closer attention to segmenting its networks going forward.

“The fact that the ransomware affected global operations, inclusive of factory operations, is an indicator their network may not be segmented and isolated in a way to prevent ‘jumps’ between different business functions,” explained Kennedy, pointing out that manufacturers tend to “isolate the technology systems that build stuff to protect them from attacks like this”.

“One department getting hit with ransomware should not impact other core business processes,” he pointed out to this end.


Original article here