Elisity Commissioned Omdia Survey Reveals 90% of Organizations Falling Behind on Microsegmentation Despite Near-Universal Demand

New study of 352 healthcare and manufacturing security leaders finds 99% want microsegmentation deployed, yet only 9% have protected more than 80% of critical systems

SAN JOSE, Calif., April 28, 2026 /PRNewswire/ -- A new Omdia survey, commissioned by Elisity, finds that 99% of security leaders want microsegmentation deployed, yet over 90% have protected fewer than 80% of their critical systems. Nearly half experienced lateral movement attacks in the past year. Across 352 U.S. cybersecurity decision makers in healthcare and manufacturing, the data tells a consistent story: organizations want modern microsegmentation and aren't getting it done.

Key Survey Findings: 7 Statistics on Microsegmentation in 2026

• 99% of organizations are implementing or planning microsegmentation, yet only 9% report that more than 80% of their critical systems are protected. Over 90% are falling behind.
• Nearly 1 in 2 security leaders experienced a lateral movement attack in the past year, even as 57% rank microsegmentation as their top initiative to stop it.
• 44% cite comprehensive device visibility as their most critical capability gap; 69% demand identity-based controls in any modern solution.
• Microsegmentation ranks toward the bottom at 24% among currently deployed Zero Trust initiatives, despite ranking first among planned priorities.
• 32% cite cyber insurance requirements as a direct business driver for pursuing microsegmentation.
• 62% say today's solutions are easier to deploy than those from five years ago. Most teams are still running on legacy methods.
• Only 22% have hands-on experience with modern microsegmentation, pointing to an awareness gap as much as an execution gap.

A Say-Do Gap Rooted in Legacy Architecture

Why First-Generation Microsegmentation Tools Stalled

Organizations still lean on VLANs, ACLs, and agent-based tools that require constant rework and leave east-west exposure wide open. 68% are pursuing microsegmentation as part of a Zero Trust strategy, and 60% cite regulatory compliance as a driver. First-generation tools built around network location rather than identity have slowed real progress to a crawl.

Modern, identity-based microsegmentation works differently. Policy enforces directly on existing network switches, with no agents, no hardware changes, and no VLAN reconfiguration. Organizations can contain ransomware and lateral movement across IT, IoT, OT, and IoMT environments in weeks, not years.

"Microsegmentation has matured, but many organizations still carry the scars of earlier, complex approaches. What's changed is the architecture. Identity-based microsegmentation lets teams enforce precise policy on the switches they already run, so security becomes an enabler rather than a gate." - James Winebrenner, CEO, Elisity

"Our data shows the shift is on. Enterprises intend to deploy microsegmentation, and many now see modern solutions as easier and more effective." - Hollie Hennessy, Principal Analyst, Omdia

Vertical-Specific Findings

Healthcare: SIEM, EDR, and SOAR Integration as the #1 Challenge

Healthcare organizations rank SIEM, EDR, and SOAR integration as their top challenge with previous microsegmentation efforts. Visiting clinicians (74%) and clinical staff (72%) require the most granular policy attention, given the mix of managed and unmanaged devices moving through clinical environments.

Manufacturing: Remote Engineers and OT Integration Top the Priority List

Manufacturing runs on zero-downtime requirements and legacy OT systems that make agent-based approaches a non-starter. Remote engineers top the segmentation priority list at 70%, and ICS and building management system integration ranks as the second most common challenge.

Cyber Insurance Pressure: A Growing Driver for Microsegmentation

At 32%, cyber insurance ranks behind Zero Trust strategy (68%) and regulatory compliance (60%) as a motivator, but underwriters are tightening expectations year over year. Most renewal questionnaires still ask binary "do you have segmentation: yes or no" questions, which lets legacy VLAN architectures pass alongside modern identity-based controls. That gap masks real risk, because flat trust zones inside a VLAN don't stop a credentialed attacker from reaching adjacent systems.

Agent-based tools can't protect PLCs on a plant floor or medical devices on a clinical network. Those are precisely the assets ransomware operators target for maximum operational impact. Carriers are starting to ask more granular questions about what percentage of critical assets sit under active policy coverage, and whether unmanaged devices fall inside or outside that coverage.

Customer Quotes

"We looked into different NAC technologies, things like that to partially solve the picture, but it really wasn't until Elisity came along that we found a product that checked all the boxes. Something easy to manage, easy to maintain. You could get in it quickly." - Nathan Phoenix, Information Security Officer, Southern Illinois Healthcare

"We assumed someone's going to get in, we assumed someone's going to get access through malware or other means, and we wanted to know that we had a way to quickly, in an automated way, stop that lateral movement so that they couldn't move across through a plant or even between plants." - Max Everett, CISO, Shaw Industries

In the News: How the Industry Covered the Survey

Coverage of the survey ran across leading industrial cybersecurity, cyber insurance, and security trade publications.

Industrial Cyber framed the survey as an execution-gap story rooted in legacy tooling, with prominent attention to the 44% device-visibility shortfall and to the Southern Illinois Healthcare and Shaw Industries customer testimonials. Industrial Cyber highlighted the contradiction that microsegmentation ranks first among planned Zero Trust initiatives yet sits at just 24% in current deployment. Read the Industrial Cyber coverage.

Cyber Insurance News reframed the survey as an underwriting problem, noting that binary insurance questionnaires can't distinguish legacy VLAN architectures from modern identity-based segmentation, and that agent-based tools cannot protect PLCs, medical devices, or industrial systems. Cyber Insurance News called out the 32% of respondents who already cite cyber insurance as a direct business driver. Read the Cyber Insurance News coverage.

CYBR.SEC.Media built its piece around the "say-do gap" language (99% versus 9%) and surfaced concrete operational consequences: production halts, hijacked industrial robots, compromised ventilators, altered dosage records, and ransomware against blood bank systems. Their coverage included Elisity CEO James Winebrenner's perspective on the resource constraints security teams face when extending segmentation across OT and clinical environments. Read the CYBR.SEC.Media coverage.

Resources

• Get the full 2026 Omdia Microsegmentation Survey report
• Download the microsegmentation survey infographic
• Schedule a demo with Elisity

Frequently Asked Questions About the 2026 Microsegmentation Survey

Why are 90% of organizations falling behind on microsegmentation?

Most teams still rely on VLANs, ACLs, and agent-based tools designed around network location rather than asset identity. Those approaches require constant rework, don't extend cleanly to IoT, OT, and IoMT, and leave east-west exposure open between trust zones. Only 22% of respondents in the Omdia survey have hands-on experience with modern microsegmentation, so awareness, not just execution, is part of the gap.

What is identity-based microsegmentation, and how does it differ from VLAN-based segmentation?

Identity-based microsegmentation enforces policy by who or what an asset is (its identity attributes), rather than where it sits on the network. VLAN-based segmentation groups devices by network location, which creates flat trust zones inside each VLAN and slows reconfiguration whenever an asset moves. Identity-based controls apply directly on existing switches and follow the asset across the network, which is why 69% of survey respondents demand identity-based controls in any modern solution.

How does microsegmentation prevent lateral movement?

Microsegmentation enforces least-privilege rules between assets, so a compromised endpoint can only reach the specific systems its identity policy allows. When a credentialed attacker or ransomware payload tries to pivot east-west, those connections are blocked or alerted instead of permitted by default. With nearly 1 in 2 security leaders reporting a lateral movement attack in the past year, granular east-west policy is now the top initiative cited (57%) to contain that risk.

Is microsegmentation required for cyber insurance?

Many carriers don't yet require microsegmentation outright, but 32% of survey respondents already cite cyber insurance as a direct business driver. Most renewal questionnaires still ask binary "yes or no" segmentation questions, which lets legacy architectures pass. As underwriters refine their questions, expect more granular asks about what percentage of critical assets sit under active policy coverage and whether unmanaged devices are included.

Why is microsegmentation difficult in OT and IoMT environments?

OT systems and medical devices typically can't host agents, run unsupported operating systems, and operate under zero-downtime constraints. Industry analysis from firms like Dragos, Nozomi, Claroty, and Armis consistently shows that visibility into these unmanaged devices is the foundation for any segmentation effort. That's why 44% of survey respondents flag comprehensive device visibility as their most critical capability gap, and why agentless, identity-based enforcement on existing switches resonates with manufacturing and healthcare teams.

About the Survey

Omdia surveyed 352 U.S. cybersecurity decision makers (CISOs, security architects, and IT and network security leaders) across healthcare and manufacturing. All respondents work at organizations with 1,000 or more employees. Omdia conducted the survey in 2025, commissioned by Elisity.

About Elisity

Elisity is an identity-based microsegmentation company that helps enterprises stop lateral movement, prevent ransomware spread, and meet compliance and cyber insurance requirements across IT, OT, and IoT environments. The Elisity platform discovers every device on an organization's network, enforces least-privilege access policies through existing network infrastructure, and delivers full microsegmentation in weeks, without agents, additional hardware, or network re-architecture. Elisity is trusted by Fortune 500 healthcare systems, global manufacturers, and pharmaceutical companies including GSK, Main Line Health, Shaw Industries, and St. Luke's University Health Network. Founded in 2019, Elisity is headquartered in San Jose, California. Learn more at elisity.com.

About Omdia

Omdia is a global technology research firm with more than 400 analysts covering 150 markets. Born from the research divisions of Informa TechTarget and the IHS Markit technology portfolio, Omdia publishes over 3,000 research reports annually and serves more than 14,000 subscribers. Learn more at omdia.com.

Media Contact: Danielle Ostrovsky Hi-Touch PR Ostrovsky@Hi-TouchPR.com