Network isolation and segmentation explained

January 8, 2020 | Alissa Knight
Alissa Knight

Alissa Knight

Senior Partner, Brier & Thorn

Alissa Knight is a senior analyst with Aite Group's cybersecurity practice. Ms. Knight covers cybersecurity in financial services, serving as a thought leader and trusted advisor to financial institutions, established technology vendors, startups, and venture capital firms. She provides actionable recommendations to clients by producing industry reports and other forms of written and video content assets, speaking at conferences, interacting with clients, and leading consulting engagements as a purveyor of research and advisory services on the contemporary IT risk management topics that matter most. Most recently, Ms. Knight was the group managing partner of Brier & Thorn, where she was responsible for U.S., Europe, and Asia operations, and headed its connected car cybersecurity practice. She has worked in cybersecurity for over 20 years as a penetration tester and incident responder, is a published author, and has started and sold two previous cybersecurity startups before launching her own venture capital fund. Ms. Knight is currently attending Temple University's Fox School of Business in pursuit of a degree in Economics.

January 8, 2020 | Alissa Knight

Network isolation and segmentation explained

What is network isolation?  A project management approach to designing, implementing, and operationalizing network isolation and micro-segmentation Network segmentation (often referred to as network isolation) is the concept of taking your network and creating silos within it called VLANs (virtual local area networks) that separates assets in the networked environment based on the function of the asset within the…

September 25, 2019 | Alissa Knight

Undivided we fall: decoupling network segmentation from micro-segmentation in the software defined perimeter

Introduction As of today, no laws or regulations, even the latest version of PCI-DSS, HIPAA, and HITECH, do not make network segmentation or micro-segmentation compulsory to comply with the rule. By making network segmentation discretionary -- even when transmitting, processing, or storing regulated data, the number of breaches will continue to rise as companies err on the side of…

Get the latest security news in your inbox.



September 6, 2016 | Alissa Knight

Digital Forensics According to the FORZA Model and Diamond Model for Intrusion Analysis

The Bridge on the River Forza We can teach these barbarians a lesson in Western methods and efficiency that will put them to shame.” -Colonel Nicholson (The Bridge on the River Kwai, 1957) Efficiency. Something we look to implement in everything we do, whether that be through the elimination of waste through Six Sigma, or other frameworks and methodologies, efficiency is…

August 3, 2016 | Alissa Knight

One Flew Over the Cuckoo’s Test: Performing a Penetration Test with Methodology

“All I know is this: nobody’s very big in the first place, and it looks to me like everybody spends their whole life tearing everybody else down.” - One Flew Over the Cuckoo’s Nest (1975) I love this quote from this film and unfortunately, despite the fact that it’s now 41 years later since…

July 18, 2016 | Alissa Knight

Understanding Electronic Control Units (ECUs) in Connected Automobiles and How They Can Be Hacked

Before you read any further, I must caution you that the weaknesses described in this article impact multiple ECUs on the market today and therefore have had all identifiers, such as references to specific automobile and ECU manufacturers removed in the interest of responsible disclosure. While topics in this article will be discussed at a very superficial level, My talk…

July 5, 2016 | Alissa Knight

Hacking Multifunction Printers: Lock, Stock and Two Smoking Printers

Introduction Because networked printers are often configured with access to the organization’s file server, email server, and active directory, the potential risk is enormous and unfortunately printers are the last device that the IT Security team even thinks about. As a matter of fact, in almost every single engagement we’ve been on at Brier & Thorn, it was the…

January 18, 2016 | Alissa Knight

Counter-Insurgency Bullet Designed to Kill Insurgents is Like IT Security Looking for a Special APT Detector

What? A special bullet that is designed just to kill insurgents? That's ridiculous. Well of course it is. No one in their right mind at the Pentagon, no chief on the Joint Chiefs of Staff would ever propose something like that. They wouldn't because first of all, it's not possible to create a bullet that only kills…

November 5, 2014 | Alissa Knight

Red teams; a diary from the garden of Red versus Blue

As with most terminology used in information technology, such as DMZ (or Demilitarized Zone), the term Red team was originally adopted from its use by the US military, which is still heavily used today in the ongoing force transformation of the Department of Defense. Red teaming can be used at multiple levels within a company, not just red team/blue…