I agree that systems of such sensitive nature need to be isolated but the problem is always how do you do this?
You could take away so much functionality that you are impeding productivity.
People bring their own devices, phones are powerful enough to use for many more tasks these days, productivity will not go up. That's a myth.
If the system in question was on a separate infrastructure, sophisticated and determined attackers will simply infiltrate the new system. Sure, it's an added layer of complexity and thus a bit more secure.
The real problem is not prevention, it's detection. I can walk into a bank today and leave with a few thousands of dollars. The real questions is, how do I do that undetected? without being caught later?
Online attacks are unfortunately very easy to mask, the attackers themselves are easily hidden and very hard to catch. IF they knew there's a good chance they are caught later, despite being able to EASILY pull off their intended crime then they'd be an effective deterrent.
Detection, deterrent. Not more doors & locks.