CISO • SEGMENTATION

    Micro‑Segmentation Health

    Summarizes zone security status (DMZ, Corporate, OT Production, SCADA, External Partners) and flags weak boundaries.

    What it shows

    Segmentation Health shows whether zones/conduits are enforced the way your reference architecture intends. It is critical for limiting lateral movement in OT and hybrid environments.

    How it’s calculated

    • Zone inventory derived from network topology + asset attribution.
    • Policy compliance based on observed flows versus allowed conduits.
    • Health states (Healthy/Warning/Critical) computed from violations, exceptions, and exposure.
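
    The sketch below is an added example, not the product's own code. It classifies observed flows against an allowed-conduit list and derives per-zone health and the three KPIs. It uses violations only (exceptions and exposure are left out). The IPs, ports, conduits, thresholds and the choice to count a violation against both zones are assumptions.

```python
from collections import Counter

# Constructed sample data. The asset-to-zone map stands in for topology + asset attribution.
ASSET_ZONE = {"10.1.0.5": "DMZ", "10.2.0.8": "Corporate", "10.3.0.2": "OT Production",
              "10.4.0.9": "SCADA", "198.51.100.7": "External Partners"}
# Allowed conduits as (source zone, destination zone, port); "any" is a wildcard.
CONDUITS = [("Corporate", "DMZ", 443), ("DMZ", "OT Production", 4840),
            ("OT Production", "SCADA", 502), ("External Partners", "DMZ", "any")]
# Observed flows as (source IP, destination IP, destination port), constructed.
FLOWS = [("10.2.0.8", "10.1.0.5", 443), ("10.1.0.5", "10.3.0.2", 4840),
         ("10.3.0.2", "10.4.0.9", 502), ("198.51.100.7", "10.1.0.5", 22),
         ("10.2.0.8", "10.3.0.2", 3389), ("10.2.0.8", "10.3.0.2", 445),
         ("10.1.0.5", "10.3.0.2", 22), ("10.2.0.8", "10.4.0.9", 502)]
WARNING_AT, CRITICAL_AT = 1, 3  # assumed thresholds; the page does not state any


def is_allowed(src_zone, dst_zone, port, conduits):
    """True if some conduit permits this zone-to-zone flow on this port."""
    return any(s in (src_zone, "any") and d in (dst_zone, "any") and p in (port, "any")
               for s, d, p in conduits)


def broad_conduits(conduits):
    """Conduits containing a wildcard: candidates for the conduit review step."""
    return [c for c in conduits if "any" in c]


def segmentation_health(flows, asset_zone, conduits):
    """Return (health per zone, KPI counts) from observed flows vs allowed conduits."""
    per_zone, violating = Counter(), []
    for src, dst, port in flows:
        sz = asset_zone.get(src, "Unattributed")
        dz = asset_zone.get(dst, "Unattributed")
        # Intra-zone traffic never crosses a conduit, so it is not evaluated here.
        if sz != dz and not is_allowed(sz, dz, port, conduits):
            violating.append((src, dst, port))
            per_zone.update([sz, dz])  # assumption: a violation counts against both zones
    zones = set(asset_zone.values()) | set(per_zone)
    health = {z: "Critical" if per_zone[z] >= CRITICAL_AT
              else "Warning" if per_zone[z] >= WARNING_AT else "Healthy" for z in zones}
    states = Counter(health.values())
    kpis = {"healthy_zones": states["Healthy"], "critical_zones": states["Critical"],
            "violating_flows": len(violating)}
    return health, kpis


if __name__ == "__main__":
    health, kpis = segmentation_health(FLOWS, ASSET_ZONE, CONDUITS)
    print(health, kpis, broad_conduits(CONDUITS), sep="\n")
```

    The External Partners → DMZ flow on port 22 is not a violation here only because of the wildcard conduit, which is why such conduits are listed separately for review.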

    What to do next

    1. Fix Critical zones first, especially those that bridge OT and Corporate networks.
    2. Review conduits and remove any “any/any” rules or legacy flat networks.
    3. Stage enforcement to avoid operational disruption (monitor → alert → block).
    4. Prove effectiveness by showing reduced cross-zone policy deviations over time.

    KPIs to watch

    • Healthy zones (count)
    • Critical zones (count)
    • Violating flows (count)

    Why this matters to a CISO

    • AI only works if it’s trustworthy: If models drift or confidence drops, you’re flying blind. This keeps the AI layer honest.
    • Drift is normal in OT: New firmware, new shifts, new processes: all cause drift. You need to detect it early before it erodes detection quality.
    • Confidence drives automation: You can’t let AI auto-contain based on shaky confidence. This metric ensures automation stays aligned with risk appetite.
    • Feedback loops improve accuracy: Every analyst decision sharpens the models. This closes the loop between human intelligence and machine learning.