Segmentation relates to cyber security in terms of the organisation of a company’s networks. The idea of network segmentation works on the basis that organisations must not only implement protection and defence policies against cyber attack, but must also apply damage limitation in the case of a breach. Where networks are segregated, if access is gained in one department, this should not affect the organisation as a whole, hopefully creating a less damaging impact.
Using network segregation filters through to the organisation of the company as a whole. Segmenting networks allows for the logical segregation of departments within an organisation too. This can positively impact cyber security in that companies are then more likely to employ a ‘least privilege’ principle, meaning that users of networks will only have access to the minimum information needed to successfully do their job. In this way, again, information is restricted and is available on a need-to-know basis, reducing cyber security risks.