For those of us in the field of cybersecurity, where the utopian dreams of the early internet collide with the realities of increasingly serious levels of crime and threat, the future can at times look especially treacherous. As public and private organizations alike scramble to remain ahead of those who would compromise their information, one thing is certain: You can\u2019t prevent tomorrow\u2019s attacks with yesterday\u2019s security strategy and technologies.It seems common sense, but in the increasingly complex labyrinth of connectivity that is intensified by wireless, mobility and multi-cloud networks, it is easy to get spun in different directions. This is no indictment of cybersecurity decision makers, either. You only have to be a little bit slow to quickly fall behind.Regardless of intent, organizations that are using dated security practices are at risk of becoming \u201ctrophy compromises\u201d by criminals and nation-states every day. At the same time, more and more security leaders have come to accept a specific reality to being connected to the internet: No matter what you do, chances are, you will be compromised.There is a silver lining, though. Those four simple words\u2014you will be compromised\u2014have a powerful way of inspiring a strategic pivot to a security strategy much more in line with today\u2019s demands. If we begin with some degree of compromise as a given, it forces us to stop over-optimizing time, resources and efforts on the impossibility of perfection\u2014at great cost and much less security. Instead, we intuitively begin asking the key question to effective security strategy.If our systems are bound to be breached, how can we design them to limit the breadth, depth, severity and scope of the damage? If we ignore this critical question and build strategy around its sound answer, we fall into two painful traps: the fool\u2019s errand of trying to prevent all compromise or a state of denial that deludes many into thinking that it won\u2019t happen to them.Business leaders can abandon these mindsets of their own accord now, or they can wait for an attack to force them to discard them. Both, though, are nimbly avoided with the kind of consequence-based engineering that designs systems and networks with inherent protections and fail-safes that limit the potential severity of an attack. This approach also makes an organization a much less desirable target for threat actors and creates the greater levels of network dexterity that can drive significant business opportunities.There are two key best practices that reflect and reap the benefits of this approach to cybersecurity: segmentation and access control.Segmentation flows from the simple understanding that the network boundary, as we\u2019ve known it for the internet\u2019s first 40 years, is on its deathbed. The strategy of as recently as a decade ago\u2014to build a really high wall around our digital infrastructures and defend it like Monty Python\u2019s belligerent French knights\u2014was quickly decimated by the proliferation of mobile devices (remember all those BYOD op-eds we used to read?), and more so by use of the cloud and the intricacies of the Internet of Things.The solution is segmentation: Rather than one wall around everything, segmentation allows separate but aligned macro- and micro-segments throughout the network. It is a far more effective security strategy that assumes inevitable attack while making great strides in minimizing access to sensitive, proprietary and mission-critical data when the attack occurs. Even if an organization\u2019s first line of defense is breached, there are limitations to the volume\/value to snatch once inside.And segmentation now has an offshoot\u2014agile segmentation\u2014that may allow security professionals to finally achieve the nirvana we have sought for so long. Namely, security valued as a business enabler, allowing an organization to do things, such as form a business-to-business data sharing coalition, that they would never have dreamed feasible without agile micro- and micro-segmentation techniques.With a cybersecurity strategy that focuses on network segments rather than perimeters, organizations are then able to add another powerful best practice: access control.\u00a0 Unfortunately, the complexities of granular access control make it a practice that is often poorly implemented.Without access control, managers and C-suite leaders historically had little choice when someone needed access to data. The answer was either no or yes\u2014which granted them access not only to the information they needed for their task at hand but also to some of the most sensitive and important information in an organization\u2019s network.Segmentation and access control can now be aligned and deployed to not only protect this information but also drive much greater teamwork. Mobile users or remote employees can be allowed to use some datasets but not others, or at certain times and not others. But across the network, managers can also designate internal teams with different points of access to come together to leverage their knowledge and expertise of this data to create stronger business results through collaboration.When a project or initiative is complete, the permissions can be changed. If a breach occurs, it is much easier to protect a smaller data footprint and to then limit the areas and scope of the investigation, minimizing suspicion and wasted resources. All of which protects innocent employees while also improving security.Like all effective strategy, the principles of segmentation and access control augment and work in alignment with today\u2019s technology rather than fight against it.\u00a0 Importantly, smart use of the cloud is critically dependent on state-of-the-art firewall techniques for exactly this type of activity\u2014for users to pop up a data set and take it down just as easily.This means that even organizations that have been lagging behind on security best practices can quickly harness the flow of today\u2019s best technologies. Rather than fighting against them\u2014or worse, allowing innovations to make them less secure rather than more\u2014they stand to benefit from them, often in more ways than just significantly improved cybersecurity.In my experience, agile micro- and micro-segmentation are hallmarks of sound security solutions; they create a halo of opportunity across the business by savvy deployment of data and data protection alike. With a slight pivot in perspective and strategy, organizations will not have to live with nearly the usual high levels of stress of knowing that, at any moment, they will be forced to fight to defend their most valuable resources. Because they will have accounted for tomorrow\u2019s attack long before it occurs\u2014and will have already engineered out the worst consequences with savvy and effective network segmentation.