Enterprise Mitigation Techniques

If a submarine’s hull is breached and the interior consists of a single hollow tube, the entire vessel sinks. To survive, naval engineers build bulkheads—watertight compartments that isolate the flood to a single section. For decades, enterprise IT administrators built flat networks: single, hollow tubes where one compromised receptionist's workstation meant a direct, unobstructed path to the domain controller and the organization's most sensitive databases. Today, securing an enterprise requires architectural bulkheads, hardened surfaces, and vigilant sensors. We do not just build a thicker outer hull; we engineer the inside of the systems to assume a breach will inevitably occur.

A diagram showing the compartmentalization of a ship's hull. Similar to how these watertight bulkheads prevent a vessel from sinking from a single breach, IT compartmentalization prevents an entire enterprise from being compromised by a single infected endpoint.
A diagram showing the compartmentalization of a ship's hull. Similar to how these watertight bulkheads prevent a vessel from sinking from a single breach, IT compartmentalization prevents an entire enterprise from being compromised by a single infected endpoint.