Network segmentation to prevent ransomware isn't just a nice-to-have — the UCSF ransomware attack proves it's what separates a contained incident from a catastrophe. UCSF got hit. Their segmented network kept the damage from spreading across their entire operation. That's the difference we're talking about in this episode.
Dr. Mike Saylor — my co-author on Learning Ransomware Response and Recovery — joins me and Prasanna to break down exactly how network segmentation works, why it matters for ransomware defense, and how to start doing it without breaking everything in the process. (Not that I've ever done that. Much.)
We cover what segmentation actually is, how VLANs make it manageable, the "need to talk" principle, and where microsegmentation fits in — and when it becomes overkill. We also get into the complexity trap: more rules and more layers don't automatically mean more protection. Sometimes they mean nobody can troubleshoot anything when the house is on fire.
If you're an IT admin trying to make the case for better network architecture, or you just want to understand what would actually stop ransomware from ripping through your environment, this is the episode.
Chapters:
00:00:00 — Intro
00:01:40 — Welcome & Guest Introductions
00:05:17 — Case Study: UCSF Ransomware Attack
00:08:13 — What Is Network Segmentation?
00:12:32 — VLANs Explained
00:19:50 — The Need to Talk Principle
00:30:54 — Complexity vs. Security
00:31:09 — Microsegmentation
00:38:55 — Action Items: Where to Start
00:42:05 — Monitoring VLAN Traffic
