Skyport is helping customers recover from attacks like the recent Petya worm, and this has taught us some important lessons. New malware attacks (like petya) are designed to destroy -- and can now be designed to take down your entire environment. If malware is motivated to spread quickly and destroy, you must think about security as an architectural problem, which goes beyond detection and prevention -- it means containing the damage.
Limiting blast radius in your environment means you must first isolate and protect the critical systems like DNS, Active Directory, DHCP. How do you recover your systems of record when the core services of your data center aren’t running? Next, protect and contain the increasing number of cloud-connected applications and shadow IT services that routinely punch through your perimeter.