Login

Promote Your Company       |     Contact

Independent Cyber News.

Why “It Won’t Happen Here” is a Dangerous Bet
Cyber Resilience | Microsegmentation
Posted: Friday, Jan 30
  • KBI.Media
  • $
  • Why “It Won’t Happen Here” is a Dangerous Bet
Karissa Breen, crowned a LinkedIn ‘Top Voice in Technology’, is more commonly known as KB, and widely known across the cybersecurity industry. A serial Entrepreneur and co-founder of the TMFE Group, a holding company and consortium of several businesses all relating to cybersecurity. These include an industry-leading media platform, a marketing agency, a content production studio, and the executive headhunting firm, MercSec. She is also the former Producer and Host of the streaming show, 2Fa.tv. Our flagship arm, KBI.Media, is an independent and agnostic global cyber security media company led by KB at the helm of the journalism division. As a Cybersecurity Investigative Journalist, KB hosts her renowned podcast, KBKast, interviewing cybersecurity practitioners around the globe on security and the problems business executives face. It has been downloaded in 65 countries with more than 300K downloads globally, influencing billions of dollars in cyber budgets. KB is known for asking the hard questions and getting real answers from her guests, providing a unique, uncoloured position on the always evolving landscape of cybersecurity. She sits down with the top experts to demystify the world of cybersecurity, and provide genuine insight to executives on the downstream impacts cybersecurity advancement and events have on our wider world.

i 3 Table of Contents

Why “It Won’t Happen Here” is a Dangerous Bet
From Karissa Breen

​Cyber incidents start quietly, which looks like a compromised credential, a malicious attachment, an employee doing what they’ve always done. The damage only becomes visible once systems stall, operations freeze, and executives ask the same question they always ask at the eleventh hour, ‘How did this get so far?’

Rajesh Khazanchi, CEO and Co-Founder at ColorTokens, a microsegmentation company, thinks about modern cybersecurity and how breaches are no longer edge cases, they’re operating conditions.

For years, security strategies were built on a simple rudimentary assumption. Keep attackers out, and everything inside stays safe. That perimeter-first thinking shaped architectures across industries and dominated for years.

“Attackers are not waiting for you to make the decision. Attackers will continue to attack. And just because you are not able to see it doesn’t mean the attack has not happened,” Khazanchi commented.

One compromised user, one trusted device, and the idea of an inside collapses. Internal systems become the attack surface. Lateral movement inside a company’s environment, not just initial access, is where the real damage happens.

“There is a gap in knowledge and understanding how to become breach ready,” Khazanchi says.

What follows a breach is predictable according to Khazanchi, which is about confusion, downtime, reputational fallout, financial loss. What’s changed is how some organisations are preparing for it and their mindset as the team at ColorTokens would say towards ‘Breach Readiness’.

Khazanchi points to a hospital that now treats breach recovery like a fire drill.

“Their benchmark is 40 minutes. They want to get back to business within 40 minutes after a breach.”

That level of readiness is still rare. Many organisations remain overconfident in perimeter tools while underestimating how quickly attackers can traverse internal environments.

“Being breach ready means designing your systems and system controls to limit your blast radius, contain those particular threat vectors and recover quickly,” he says.

Zero disruption, he adds, is unrealistic. Rapid containment is not, which should be the focus.

For a long time, cybersecurity lived below the boardroom. That’s changing fast, as board are asking better questions.

“There is a tectonic shift,” Khazanchi says. “Board members are asking, what is your readiness plan? Breaches happen, but we want to know exactly what you are doing to reduce the blast radius.”

Regulatory timelines are accelerating that pressure. With 48–72 hour disclosure requirements now common, executives are expected to explain incidents before forensic clarity exists.

“A lot of times in 72 hours you just don’t even know what has happened,” he says.

That tension between legal obligation and technical reality is fundamentally forcing boards to think differently about resilience, not just prevention.

Microsegmentation has long been misunderstood, the definition according to some is passé, often dismissed as complex, intrusive, or operationally heavy. Khazanchi acknowledges the skepticism.

“Tool proliferation, too many tools, too many agents is a very big problem across the industry.”

But the Executive is clear on the role segmentation plays when prevention fails.

“The only way to truly contain breaches is to pair EDR with microsegmentation. Best of both worlds.”

EDR detects and responds. Segmentation limits how far damage can spread.

“EDR is the commando skills,” he says. “But one bullet can take a life. Segmentation is the shield.”

Different industries measure impact differently, but downtime is universally costly.

“One day of loss in aviation really messes up a lot of things. Energy is about life. Life sciences can lose entire business lines.”

Customer patience and loyalty has evaporated.

The situation at the moment is pushing some companies to treat resilience as a differentiator, not a cost.

“I’ve seen organisations using this as a distinctive advantage against competitors,” Khazanchi says.

Being able to demonstrate containment, recovery, and operational continuity is becoming a trust signal, especially in regulated and safety critical sectors.

AI, in its current form, is accelerating both attack and defence.

“AI will drive a lot of activities on both sides… AI from the attack vector side and AI on the defence side.”

The result won’t be fewer attacks, but more of them, faster and harder to detect. That makes architectural fundamentals even more critical.

“These principles aren’t about fear,” Khazanchi says. “They’re about awareness. Knowing your infrastructure, designing deliberately, and putting controls in early will save a lot of money later.”

Cybersecurity is no longer about keeping attackers out. That battle has already been lost.

​“We’re saving lives, businesses, and livelihoods,” Khazanchi says. “That’s the mission.”

The real test now is how systems are designed to fail and how quickly they can recover when and if they do.

More From This Contributor

No results found.
All Press Releases

Other Recent Articles

No results found.
Article Archives
Share This