After being the target of a cyberattack, one of the world’s leading airlines, Cathay Pacific, made the decision to ramp up its security defence and improve its overall cybersecurity posture. YC Chan, Head of Infrastructure Engineering at Cathay Pacific, outlines the organisation’s process of implementing micro-segmentation for the right level of protection for its most critical applications, and tells us how Illumio helps it to bolster its internal defences.
Customer overview and challenge
Its name has been on just about every ‘who’s-who of airlines’ list, ranking top 10 from aircraft safety to ticket sales. These accolades have been all but inevitable for Cathay Pacific as it has focused on delivering world-class airline operations. But when it was the target of an attack, a new inevitability in today’s cybersecurity landscape, the Hong Kong-based carrier redoubled its focus on its security programme in short order.
“Zero Trust and least privilege came into the discussion right away. We knew we had to implement micro-segmentation for the right level of protection for our most critical applications,” said YC Chan, Head of Infrastructure Engineering at Cathay Pacific.
If the end goal of micro-segmentation is to prevent lateral movement and protect ‘crown jewel’ applications, the airline had to know its network better than anyone else from the start. The team required visibility into application traffic across the entire network. But more than that, Chan sought a solution that would help it achieve its visibility and segmentation goals in the most efficient way possible.
“We had discovery tools that provided some visibility and insights, but ultimately did not integrate visualisation and policy workflow. In order to achieve our goals by the year-end deadline, we needed an interface that showed us application and workflow traffic and enabled us to act quickly and efficiently to block or allow flows.”
Chan and team turned to Illumio Core and quickly realised it was ‘the easiest way to do micro-segmentation’. For one, the real-time application dependency map lets the company see all connections between servers and what their applications are talking to. With that capability, it understands what needs to be protected and can take immediate action on flows to block or authorise them. And with 600 applications at stake, the team
The ability to run policies in test mode before going into enforcement played an essential role in the success of its deployment. This empowered ongoing collaboration between infrastructure and security teams and application owners. The results? A reliable, thorough process for enforcement that helped it beat its most pressing deadline.
“We partner with application owners to review flows and help define policies. You couldn’t ask them to read firewall rules, but Illumio’s App Owner View map and plain language labels make it infinitely easier for them to understand the flows and apply policy. We are confident that our applications are protected with the right level of segmentation – with no disruptions during enforcement.”
Not only do Chan and team continue to use Illumio to bolster their internal defences, but it is also helping solve another challenge: PCI DSS compliance. Securing cardholder data is of paramount importance to Cathay. With Illumio Core’s mapping and policy creation capabilities, the organisation is able to meet many PCI compliance requirements. The team is also leveraging SecureConnect on over 1,000 workstations for instant workload-to-workload encryption of data in motion.
Fast time to value
The team came in ahead of schedule, faster than anticipated, in segmenting its most critical and vulnerable applications.
Less risk, more uptime
The ability to test the impact of new policies without any changes to the network gives it much-needed confidence that enforcement will never break applications.
Greater visibility, cross-functionally
Using the real-time map to involve application owners in the segmentation process improves policy accuracy and ultimately increases Cathay’s security posture.
Clear path to compliance
Saving millions in potential firewall costs for PCI compliance, the team has Illumio Core’s encryption, visibility and segmentation capabilities at its disposal for compliance mandates.