Talk 2

Network segmentation is a fundamental measure to limit the attack surface in any network environment. The need and importance of network segmentation is more pronounced in environments with sensitive and easily exploitable IoT devices and data (e.g. hospital networks). Based on network data collected for over 4 million devices and over 250 enterprise networks, we compare and contrast the Layer 2 segmentation practices in sensitive healthcare environments versus non-healthcare environments. We argue for the necessity of having 'true segmentation' rather than the illusion of segments at Layer 3.