Network Segmentation
Dividing a computer network into smaller, isolated segments to limit the spread of attacks and restrict access to sensitive systems.
Network segmentation creates barriers within your network so that a breach in one area cannot easily spread to others. For example, separating your guest Wi-Fi from your POS system, or isolating HR databases from general office computers. If ransomware infects one segment, segmentation prevents it from encrypting your entire network. It is a recommended practice under both NIST CSF and BNM's RMiT framework.