Network segmentation as a ransomware defense isn't just a nice-to-have: the UCSF ransomware attack proves it's what separates a contained incident from a catastrophe. UCSF got hit. Their segmented network kept the damage from spreading across their entire operation. That's the difference we're talking about in this episode.

Dr. Mike Saylor, my co-author on "Learning Ransomware Response and Recovery," joins me and Prasanna to break down exactly how network segmentation works, why it matters for ransomware defense, and how to start doing it without breaking everything in the process. (Not that I've ever done that. Much.)

We cover what segmentation actually is, how VLANs make it manageable, the "need to talk" principle, and where microsegmentation fits in — and when it becomes overkill. We also get into the complexity trap: more rules and more layers don't automatically mean more protection. Sometimes they mean nobody can troubleshoot anything when the house is on fire.

If you're an IT admin trying to make the case for better network architecture, or you just want to understand what would actually stop ransomware from ripping through your environment, this is the episode.

Chapters:

00:00:00 — Intro

00:01:40 — Welcome & Guest Introductions

00:05:17 — Case Study: UCSF Ransomware Attack

00:08:13 — What Is Network Segmentation?

00:12:32 — VLANs Explained

00:19:50 — The Need to Talk Principle

00:30:54 — Complexity vs. Security

00:31:09 — Microsegmentation

00:38:55 — Action Items: Where to Start

00:42:05 — Monitoring VLAN Traffic