TL;DR
This paper empirically investigates why network segmentation projects often fail, analyzing survey data from 400 practitioners to identify common failure patterns and misconceptions.
Contribution
It provides a systematic empirical analysis of failure factors in network segmentation projects, revealing four archetypes and common misconceptions among practitioners.
Findings
Identified four distinct failure archetypes in segmentation projects.
Practitioners tend to favor general IT fixes over segmentation-specific solutions.
Survey of 400 practitioners highlights common operational and technical barriers.
Abstract
Network segmentation is a foundational enterprise security control. Despite its recognized benefits, segmentation initiatives frequently fail in practice, and the field lacks a systematic empirical explanation for why these projects do not achieve their intended outcomes. This paper presents an empirical study of failed segmentation projects based on a survey of 400 U.S.-based\ network security practitioners. The survey was grounded in a two-part failure framework that separately measures general IT project failure factors and segmentation-specific technical and operational barriers. Clustering analysis of the responses reveals four distinct failure archetypes. Surprisingly, practitioners across all four archetypes propose general IT project management fixes over segmentation-specific fixes in the same ratio.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.