Research Segmentation: Risk Management & Governance

Risk Assessment

| Risk | Likelihood | Impact | Mitigation | Contingency |
|---|---|---|---|---|
| CISO decision delayed indefinitely | High | High | Prepare a comprehensive business case covering compliance gaps, attack scenarios, and regulatory exposure. Schedule recurring check-ins. | Escalate with documented risk acceptance. Implement monitoring-only mode as an interim measure. |
| Research workflows disrupted by segmentation | Medium | Critical | Map all access patterns before deployment. Pilot with a single research team. Maintain an exceptions process. | Immediate policy rollback for affected endpoints. Whitelist critical flows. |
| Switch infrastructure does not support TrustSec | Medium | Medium | Inventory switch models and firmware before the design phase. Fall back to the VLAN-based approach if TrustSec is unavailable. | VLAN-based segmentation works on all managed switches. No TrustSec dependency for Phase 1. |
| Lateral movement exploited before segmentation is deployed | Low | Critical | Deploy monitoring (ISE profiling, NetFlow) immediately to detect anomalous lateral traffic while awaiting approval. | Incident response plan. Emergency VLAN isolation capability via ISE CoA. |
| Compliance audit occurs before the project completes | Medium | High | Document the current state and remediation plan. Show the segmentation project timeline to auditors as evidence of progress. | Accept the finding with a remediation timeline. Accelerate pilot deployment. |

Decision Log

| Date | Decision | Rationale | Decided By |
|---|---|---|---|
| 2026-03-25 | Default all research endpoints to the Untrusted VLAN | Zero-trust model: deny by default, permit by policy. Aligns with HHS regulatory requirements and reduces compliance scope. | Evan |
| 2026-03-25 | Evaluate both VLAN-based and TrustSec approaches | VLAN-based is simpler and works with existing infrastructure. TrustSec is topology-independent but requires switch support. Switch readiness must be assessed. | Evan |
| 2026-03-25 | Exclude clinical systems from Phase 1 | Clinical systems have separate compliance requirements and change control processes. Mixing scopes increases risk and delays delivery. | Evan |
| 2026-03-25 | CISO approval required before Phase 1 starts | The project impacts research department operations. Executive sponsorship is needed for organizational buy-in and resource allocation. | Evan |

Stakeholders

  • Sarah Clizer (CISO) - Decision maker
  • Research IT - Implementation coordination
  • Evan - Technical lead
  • Compliance Team - Audit requirements