A new Omdia survey commissioned by Elisity reveals that while 99% of security leaders support microsegmentation, more than 90% have secured less than 80% of their critical systems. Nearly half reported experiencing lateral movement attacks over the past year. Based on responses from 352 U.S. cybersecurity decision-makers in healthcare and manufacturing, the findings show a clear gap between the strong demand for modern microsegmentation and its actual implementation.
Key Microsegmentation Report Findings:
- 99% of organizations are implementing or planning microsegmentation, yet only 9% report that more than 80% of their critical systems are protected. Over 90% are falling behind.
- Nearly 1 in 2 security leaders experienced a lateral movement attack in the past year, even as 57% rank microsegmentation as their top initiative to stop it.
- 44% cite comprehensive device visibility as their most critical capability gap; 69% demand identity-based controls in any modern solution.
- Microsegmentation ranks toward the bottom at 24% among currently deployed Zero Trust initiatives, despite ranking first among planned priorities.
- 32% cite cyber insurance requirements as a direct business driver for pursuing microsegmentation.
- 62% say today’s solutions are easier to deploy than those from five years ago. Most teams are still running on legacy methods.
- Only 22% have hands-on experience with modern microsegmentation, pointing to an awareness gap as much as an execution gap.
A Say-Do Gap Rooted in Legacy Architecture
Organizations still lean on VLANs, ACLs, and agent-based tools that require constant rework and leave east-west exposure wide open. 68% are pursuing microsegmentation as part of a Zero Trust strategy, and 60% cite regulatory compliance as a driver. First-generation tools built around network location rather than identity have slowed real progress to a crawl.
Modern, identity-based microsegmentation works differently. Policy enforces directly on existing network switches, with no agents, no hardware changes, and no VLAN reconfiguration. Organizations can contain ransomware and lateral movement across IT, IoT, OT, and IoMT environments in weeks, not years.
“Microsegmentation has matured, but many organizations still carry the scars of earlier, complex approaches. What’s changed is the architecture. Identity-based microsegmentation lets teams enforce precise policy on the switches they already run, so security becomes an enabler rather than a gate.”
James Winebrenner, CEO, Elisity
“Our data shows the shift is on. Enterprises intend to deploy microsegmentation, and many now see modern solutions as easier and more effective.”
Hollie Hennessy, Principal Analyst, Omdia
Vertical-Specific Findings
Healthcare organizations rank SIEM, EDR, and SOAR integration as their top challenge with previous microsegmentation efforts. Visiting clinicians (74%) and clinical staff (72%) require the most granular policy attention, given the mix of managed and unmanaged devices moving through clinical environments.
Manufacturing runs on zero-downtime requirements and legacy OT systems that make agent-based approaches a non-starter. Remote engineers top the segmentation priority list at 70%, and ICS and building management system integration rank as the second most common challenge.
Customer Quotes
“We looked into different NAC technologies, things like that to partially solve the picture, but it really wasn’t until Elisity came along that we found a product that checked all the boxes. Something easy to manage, easy to maintain. You could get in it quickly.”
Nathan Phoenix, Information Security Officer, Southern Illinois Healthcare
“We assumed someone’s going to get in, we assumed someone’s going to get access through malware or other means, and we wanted to know that we had a way to quickly, in an automated way, stop that lateral movement so that they couldn’t move across through a plant or even between plants.”
Max Everett, CISO, Shaw Industries
“We’ve been able to get Elisity up within two months in an organization that has 15 hospitals spread over 75 square miles, 350 practices, 23,000 active users, 1,800 vendors, and 85,000 devices.”
David Finkelstein, CISO, St. Luke’s University Health Network
See a preview and download the full Microsegmentation Report analysis here.
Related News:
ColorTokens Launches Xshield AI Agent to Simplify Microsegmentation
Microsegmentation Enhances Asimily’s Cyber Asset Management Platform
About the Survey
Omdia surveyed 352 U.S. cybersecurity decision makers (CISOs, security architects, and IT and network security leaders) across healthcare and manufacturing. All respondents work at organizations with 1,000 or more employees. Omdia conducted the survey in 2025, commissioned by Elisity.
