Illumio launches Incident Response Partner Program

Illumio has introduced its new Incident Response Partner Program designed to help organizations respond, contain, and recover faster during ransomware and other breaches.

  • Thursday, 20th April 2023 Posted 1 year ago in by Phil Alsop

The Incident Response Partner Program is already responsible for successfully minimizing the impact of dozens of active ransomware attacks around the world by bringing Illumio’s Zero Trust Segmentation (ZTS) Platform into the practice of leading digital forensic and incident response (DFIR) providers. With the Illumio ZTS Platform, response teams can gain immediate network visibility, restore operations quicker, and prevent reinfection – reducing the risk from and impact of a cyberattack. 

 

On average, it takes 277 days to identify and contain a breach and the average cost of a data breach is now $4.35 million, according to IBM’s ‘Cost of a Data Breach Report.’ During the recovery process, attackers are often still active in the environment, which historically prohibited organizations from bringing systems back online. Now, by deploying Illumio ZTS into the active breach, DFIR teams can quickly see risky connections and halt all traffic between infected endpoints and servers. 

 

Providers typically use Illumio ZTS alongside endpoint detection and response (EDR) tools, increasing EDR’s allotted time to detect threats, with no disruption to the DFIR process. Additionally, Illumio ZTS is customizable for the unique requirements of each provider and can be pre-configured based on the tools providers use during an active breach. DFIR providers can deploy the platform within an hour either as a fully managed or standalone service. Illumio offers DFIR providers: 

 

•        Immediate visibility into unfamiliar networks 

•        Increased speed of recovery by prioritizing the restoration of an organization’s most critical operational functions 

•        Segmentation that doesn't touch the client's physical network and removes the need to create VLANs or use firewalls, simplifying and speeding up response, containment, and recovery 

•        A 24/7 on-demand technical support team experienced in managing active breaches 

•        Complete confidentiality in all engagements 

 

“Illumio Zero Trust Segmentation platform has already helped us to stop dozens of attacks from spreading mid-breach and has proven to be a valuable addition for our response teams,” says Matt Baruch, Senior Director at MOXFIVE, a technical advisory firm specializing in cybersecurity and information technology. “It gives us the visibility and ability to carve out clean environments, even in complex recovery projects with distributed networks, enabling our clients to get back to business faster and avoid costly business disruption from cyberattacks.” 

 

“The biggest challenge in incident response is that those leading the investigation or recovery often are not familiar with the environment,” says Ryan Ikeler, Head of Incident Response and Managed Services at Illumio. “Adding Zero Trust Segmentation into the recovery process not only provides a level of visibility that many didn’t even know was possible, but it minimizes risk and allows organizations to recover faster, reducing the spread, cost, and operational impact of attacks.” 

 

New Illumio ZTS Dashboards Simplify Tracking and Improve Risk and Resilience Factors 

In addition to Illumio’s Incident Response Partner Program, Illumio is continuing to innovate to help customers take a proactive approach to ransomware. New dashboards and an improved user interface (UI) in Illumio ZTS make it easier for customers to manage their Illumio deployments and reduce their risk from the next cyberattack.   

 

The dashboards help organizations: 

•        Better prepare for and protect themselves against ransomware by identifying which ports and workloads are at critical, high, medium, and low risk and visualizing the number of protected and unprotected workloads. This makes it easier for organizations to prioritize and determine next steps in their ZTS strategy.  

•        Save time and accelerate their Illumio ZTS deployment by illustrating how many workloads Illumio is deployed on and ensuring all devices are responding as expected. These easy-to-understand insights into their overall security posture help security teams identify the next steps to quickly improve their security policy and further build cyber resilience.  

 

“Breaches happen, so organizations must always assume breach and behave as though a bad actor is already inside their organization,” says Mario Espinoza, Chief Product Officer at Illumio. “These new dashboards help security teams drive measurable risk reduction. With actionable intelligence, teams can easily take actions to close attack vectors.”