# Why is network micro-segmentation necessary for operational technology?

Network micro-segmentation involves dividing an industrial network into small, isolated zones based on functional requirements. This prevents a breach in one area, such as a building management system, from spreading to more critical assets like a water treatment process. By enforcing security policies at the individual asset level, organisations can create granular boundaries that block lateral movement by attackers. Learn about the [technical implementation of logical zones](https://www.agilicus.com/anyx-guide/site-firewall-configuration/).

For more information, see [Industrial Cyber Security Best Practices](https://www.agilicus.com/white-papers/industrial-cyber-security-best-practices/).