Let’s imagine the typical very-small-business with about 10 employees, maybe fewer. They probably use one network for everything, right? The secretary or office assistant has the same level of network access as their IT person—who may or may not just be someone’s nephew who’s pretty good with computers. Like many small businesses, they probably think this all makes perfect sense; after all, they’re too small to need anything more complicated. But then the unthinkable happens: the office assistant gets phished. Suddenly, network credentials for the whole business are up for grabs to cybercriminals.