Security zones for increased cyber security
The reason why it sometimes makes sense to divide a system into security zones, is that this enables cyber security countermeasures to be utilized where they are most needed or to reduce risk in a particular part of the system.
For example, the use of Windows XP could be argued to increase the likelihood of an incident because it has a wide range of known vulnerabilities exploitable by malware. Therefore, if a system must continue to use Windows XP machines, it is recommended to segment them into a separate security zone, with complementing additional countermeasures. Additionally, a safety system can be segmented into a separate security zone to decrease the risk of being affected by other assets or systems.