
Network Segmentation to Prevent Ransomware: What the UCSF Attack Taught Us
From The Backup Wrap-Up by W. Curtis Preston (Mr. Backup)
May 4, 2026 · 47 min
About this episode
This episode discusses the importance of network segmentation in preventing ransomware, using the UCSF attack as a case study.
Network segmentation to prevent ransomware isn't just a nice-to-have — the UCSF ransomware attack proves it's what separates a contained incident from a catastrophe. UCSF got hit. Their segmented network kept the damage from spreading across their entire operation. That's the difference we're talking about in this episode. Dr. Mike Saylor — my co-author on Learning Ransomware Response and Recovery — joins me and Prasanna to break down exactly how network segmentation works, why it matters for ransomware defense, and how to start doing it without breaking everything in the process. (Not that I've ever done that. Much.) We cover what segmentation actually is, how VLANs make it manageable, the "need to talk" principle, and where microsegmentation fits in — and when it becomes overkill. We also get into the complexity trap: more rules and more layers don't automatically mean more protection. Sometimes they mean nobody can troubleshoot anything when the house is on fire. If you're an IT admin trying to make the case for better network architecture, or you just want to understand what would actually stop ransomware from ripping through your environment, this is the episode. Chapters…
People in this episode
Host: W. Curtis Preston
Guest: Dr. Mike Saylor
Topics covered
- network segmentation
- ransomware prevention
- UCSF ransomware attack
- VLANs
- microsegmentation
- IT security
Keywords
- network segmentation
- ransomware
- UCSF
- VLANs
- microsegmentation
- IT security
- complexity trap
Mentioned in this episode
Organizations: UCSF
Books & works: Learning Ransomware Response and Recovery
More episodes of The Backup Wrap-Up
- California Election Counting Explained by an Actual Poll Worker · June 8, 2026 · 25 min
- Stop 90% of Ransomware Attacks with Basic Cyber Hygiene · May 25, 2026 · 40 min
- Claude Deletes a Company — But It's Not Really Claude's Fault · May 18, 2026 · 40 min
- How Honeypots and Canary Files Catch Attackers Before They Strike · May 11, 2026 · 34 min
- Stop Using VSS as a Backup Before Ransomware Deletes Your Shadow Copies · April 27, 2026 · 37 min
- Ransomware Sanctions, OFAC, and the Lazarus Group: A Real Case Study · April 20, 2026 · 37 min
Explore listener stats, chart rankings, contacts and more on the The Backup Wrap-Up podcast page.