
Survey finds 99% back microsegmentation but over 90% fall short on protecting critical systems


A new Omdia survey, commissioned by Elisity, finds that 99% of security leaders want microsegmentation deployed, yet over 90% have protected fewer than 80% of their critical systems. Nearly half experienced lateral movement attacks in the past year. Across 352 U.S. cybersecurity decision makers in healthcare and manufacturing, the data tells a consistent story: organizations want modern microsegmentation and aren’t getting it done.

Nearly all organizations are either implementing or planning microsegmentation, with 99% reporting activity in this area. Yet only 9% say that more than 80% of their critical systems are actually protected, leaving over 90% lagging behind in meaningful coverage. At the same time, nearly one in two security leaders experienced a lateral movement attack in the past year, even though 57% rank microsegmentation as their top initiative to stop such threats.

Gaps in capability and execution remain pronounced. About 44% of respondents cite comprehensive device visibility as their most critical shortfall, while 69% say identity-based controls are essential in any modern solution. Microsegmentation currently ranks low among deployed zero trust initiatives at just 24%, despite being the top planned priority. 

Business pressure is also shaping adoption, with 32% pointing to cyber insurance requirements as a direct driver. While 62% say today’s solutions are easier to deploy than those from five years ago, most teams continue to rely on legacy approaches, and only 22% report hands-on experience with modern microsegmentation, underscoring a gap in both awareness and execution.

Organizations still lean on VLANs, ACLs, and agent-based tools that require constant rework and leave east-west exposure wide open. 68% are pursuing microsegmentation as part of a Zero Trust strategy, and 60% cite regulatory compliance as a driver. First-generation tools built around network location rather than identity have slowed real progress to a crawl.

Modern, identity-based microsegmentation works differently. Policy is enforced directly on existing network switches, with no agents, no hardware changes, and no VLAN reconfiguration. Organizations can contain ransomware and lateral movement across IT, IoT, OT, and IoMT environments in weeks, not years.

“Microsegmentation has matured, but many organizations still carry the scars of earlier, complex approaches. What’s changed is the architecture,” said James Winebrenner, CEO at Elisity. “Identity-based microsegmentation lets teams enforce precise policy on the switches they already run, so security becomes an enabler rather than a gate.”

“Our data shows the shift is on,” according to Hollie Hennessy, principal analyst at Omdia. “Enterprises intend to deploy microsegmentation, and many now see modern solutions as easier and more effective.” 

Healthcare organizations rank SIEM, EDR, and SOAR integration as their top challenge with previous microsegmentation efforts. Visiting clinicians (74%) and clinical staff (72%) require the most granular policy attention, given the mix of managed and unmanaged devices moving through clinical environments.

Manufacturing runs on zero-downtime requirements and legacy OT systems that make agent-based approaches a non-starter. Remote engineers top the segmentation priority list at 70%, and ICS and building management system integration ranks as the second most common challenge.

“We looked into different NAC technologies, things like that to partially solve the picture, but it really wasn’t until Elisity came along that we found a product that checked all the boxes,” Nathan Phoenix, information security officer at Southern Illinois Healthcare, said. “Something easy to manage, easy to maintain. You could get in it quickly.” 

Max Everett, CISO at Shaw Industries, said, “We assumed someone’s going to get in, we assumed someone’s going to get access through malware or other means, and we wanted to know that we had a way to quickly, in an automated way, stop that lateral movement so that they couldn’t move across through a plant or even between plants.”


