Full Report
A new Omdia survey, commissioned by Elisity, finds that 99% of security leaders want microsegmentation deployed, yet over... The post Survey finds 99% back microsegmentation but over 90% fall short on protecting critical systems appeared first on Industrial Cyber.
Analysis Summary
# Industry News: The Microsegmentation Paradox—High Demand, Low Execution
## Summary
A new Omdia survey commissioned by Elisity reveals a significant "execution gap" in enterprise security: while 99% of security leaders view microsegmentation as a priority, over 90% have protected fewer than 80% of their critical systems. Despite it being a core pillar of Zero Trust, stagnant adoption of legacy methods has left nearly half of surveyed organizations vulnerable to lateral movement attacks in the last year.
## Key Details
- **Date:** April 29, 2026
- **Companies Involved:** Elisity (Sponsor), Omdia (Research firm), Southern Illinois Healthcare, Shaw Industries (Case studies)
- **Category:** Market Analysis / Survey Report
## The Story
The report, which surveyed 352 U.S. cybersecurity decision-makers in the high-stakes manufacturing and healthcare sectors, highlights a disconnect between strategic intent and technical reality. While 57% of leaders rank microsegmentation as their primary initiative to stop lateral movement, only 24% have actually deployed it. This lag is attributed to "scars" from first-generation tools—specifically agent-based models and manual VLAN/ACL configurations—tasked with securing complex environments.
The data suggests a shift toward "modern microsegmentation," which focuses on identity-based controls rather than network location. These newer architectures enforce policy directly on existing network switches without requiring hardware overhauls or agents. This is particularly critical in sectors like Healthcare, where unmanaged guest devices are prevalent, and Manufacturing, where "zero-downtime" requirements make traditional intrusive security measures impossible.
## Business Impact
### For the Companies Involved
- **Elisity:** Positions itself as the modern alternative to "failed" legacy approaches, focusing on ease of deployment (weeks instead of years) and lower operational overhead.
### For Competitors
- **Legacy Vendors:** Companies relying on agent-heavy or hardware-centric segmentation (like traditional NAC or proprietary firewall vendors) face increasing pressure to modernize or risk displacement by identity-based, software-defined solutions.
### For Customers
- **Sector-Specific Relief:** Healthcare and manufacturing firms can achieve high-grade security without disrupting production lines or clinical workflows.
- **Insurance and Compliance:** Organizations can more easily meet the 32% of insurance mandates and 60% of regulatory requirements driving this technology's adoption.
### For the Market
- **Market Maturity:** The survey indicates that while the *desire* for microsegmentation is universal, the market is currently in a replacement cycle, moving away from "Phase 1" location-based tools toward "Phase 2" identity-based software solutions.
## Technical Implications
The technical shift focuses on **decoupling** security policy from network topology. Modern solutions utilize existing infrastructure (switches/routers) as enforcement points, governed by identity-informed policies. This eliminates the need for complex VLAN re-architecting and the "agent-bloat" that often crashes legacy OT (Operational Technology) or medical devices.
## Strategic Analysis
- **Market Positioning:** Elisity is positioning microsegmentation not just as a security tool, but as a "business enabler" that allows for rapid digital transformation without increasing the attack surface.
- **Competitive Advantage:** The primary advantage lies in **deployment velocity**. The ability to secure IT, IoT, and OT environments simultaneously without downtime is a significant differentiator.
- **Challenges:** The "hand-on experience" gap remains a risk; only 22% of professionals have worked with modern identity-based tools, meaning vendor success depends heavily on education and proving ease-of-use claims.
## Industry Reactions
- **Omdia (Hollie Hennessy):** Notes that the "shift is on," as enterprises move toward solutions they perceive as easier and more effective than those from five years ago.
- **CISO Perspective (Shaw Industries):** Highlights the move toward an "assumed breach" mentality, where automated lateral movement prevention is the last line of defense for plant operations.
## Future Outlook
- **Standardization of Zero Trust:** Expect microsegmentation to move from a "planned priority" to a "deployed reality" as organizations finalize their Zero Trust architectures over the next 18–24 months.
- **Convergence:** Watch for increased integration between microsegmentation platforms and existing SIEM/EDR/SOAR stacks, especially in healthcare.
## For Security Professionals
Practitioners should evaluate their current segmentation projects against the "identity-based" benchmark. If a project requires extensive hardware upgrades or manual ACL management, it may be a legacy approach destined for the 90% "shortfall" category. Focusing on visibility—cited by 44% as the top shortfall—should be the immediate prerequisite to any segmentation rollout.