Implementing Network Segmentation for OT When to Use - When an OT security assessment reveals a flat network with no segmentation between Purdue levels - When implementing IEC 62443 zone/conduit architecture after completing risk assessment (IEC 62443-3-2) - When separating IT and OT networks as part of an IT/OT convergence security initiative - When deploying a DMZ between corporate IT and OT to protect industrial systems from IT-originating threats - When segmenting safety instrumented systems (SIS) from basic process control systems (BPCS) Do not use for IT-only microsegmentation without O…