H3-2020-0015¶

Lack of Network Segmentation/Segregation

Description¶

Network segmentation and segregation is the practice of breaking a network environment into smaller broadcast domains and implementing access controls between segments. A flat network is more easily managed by IT administrators and lacks logical and/or technical access restrictions.

Impact¶

Without proper network segmentation and segregation, a flat network exposes a large attack surface to the attacker without layered defensive controls. An attacker may have access to critical business assets from the guest network if proper segmentation/segregation is not properly implemented.

References¶

• CWE-1008: Architectural Concepts
• Why Network Segmentation Matters