The use of segmentation in cyber security is recent. It became more widely adopted last year in IT with a primarily network-based security focus. In October 2016 Stacey Winn commented, '...the future is now, with network segmentation leading the way... physically separating computer networks, so that each network is visible only to users who have the appropriate access rights... In stark contrast to ... easy-to-penetrate flat networks.' This network-based idea of segmentation can be seen in terms of castle security as having a secure outside wall and then rules about which streets particular groups can walk inside the castle.

In 'whole of business' cyber security we apply segmentation to any relevant business assets important or critical to the business in order to arrange appropriate cyber-protection. Typically, business process changes are enablers  of segmentation for  layering of cyber-protection, to reduce risk and improve security outcomes.

In many cases, business process changes for segmentation can resolve, simplify or even remove  cyber-security problems.

"Appropriate business process changes can mean ... IT security problems resolved..."


Network/software-based segmentation