In his session, Raja Ukul of ColorTokens unpacked what organisations should prioritise when evaluating micro-segmentation solutions. Far from a sales pitch, his talk centered on the realities of implementation and the common pitfalls he has observed across various industries.
Ukul’s first message was clear: speed matters. Too many organisations embark on micro-segmentation projects that take years — sometimes even outlasting their own contracts. Effective solutions should deliver value in weeks or months, not years or decades.
He also emphasised the importance of granularity, explaining that the more tightly organisations can segment applications, workloads, and devices, the smaller the blast radius during an attack. Even “a segment of one,” he said, is sometimes necessary for environments like utilities and IoT.
AI emerged as a major concern. “There’s no such thing as safe AI,” Ukul said, warning that non-human identities like APIs and microservices pose growing risks. Strong identity-based controls are essential.
He advised organisations to avoid adding yet another agent to already cluttered devices, instead favouring solutions that leverage existing security investments.
Finally, Ukul highlighted the operational benefits of micro-segmentation: the ability to isolate only the compromised portion of the network, rather than shutting down the entire enterprise. This preserves continuity, prevents reputational damage, and simplifies recovery.
Recommendations
GIW NSW Cyber Security Showcase: Navigating Cybersecurity’s Future and Future-Proofing Digital Services
GIW QLD Cyber Security Showcase: Zoe Thompson (Thales) on Cyber Threats, Data Gaps & Resilience
IBM Launches Microsoft Practice to Deliver Transformative Business Value for Clients
GIW Federal 2025: Policy Development of Horizon 2 of the Government Cyber Security Strategy with Ash Bell
