With organisations under increasing pressure to secure growing numbers of connected devices, cybersecurity firms are deploying an increasingly sophisticated arsenal to protect them.
One such measure, microsegmentation – isolating devices and limiting communication to reduce the impact of breaches – is emerging as one of the buzzwords of 2026.
Last summer, the US Cybersecurity and Infrastructure Security Agency (CISA) issued guidance for federal agencies on designing and implementing segmentation strategies. The guidance outlines how microsegmentation can reduce attack surfaces, restrict lateral movement, and improve monitoring, positioning it as a key component of zero trust architectures.
Cybersecurity companies have been quick to respond. US-based Asimily last week announced expanded microsegmentation capabilities, adding support for Security Group Access Control Lists (SGACLs) within Cisco’s Identity Services Engine (ISE). The enhancement allows organisations using Cisco ISE to automatically enforce segmentation policies based on Asimily’s assessment of device type, behaviour, and risk exposure, helping security teams translate device intelligence into actionable network controls across IT, IoT, OT, and IoMT environments.
Similarly, US-based breach containment firm Illumio recently partnered with Kyndryl to deliver scalable microsegmentation solutions for zero trust adoption. Zscaler has also launched AI-driven microsegmentation capabilities, aiming to protect sensitive assets from lateral threats across cloud and hybrid environments.
In light of these developments, IoT Insider spoke with Shankar Somasundaram, Chief Executive Officer of Asimily, to explore what microsegmentation is and why organisations should consider it.
IoT Insider: In just a few words, what is microsegmentation?
Shankar Somasundaram: Microsegmentation controls exactly which IoT devices and cyber assets can communicate with each other based on their communication patterns, risk profiles, context, etc. Organisations can create clear network access policies that prevent attackers from reaching critical systems and limit lateral movement to significantly reduce or eliminate the consequences if a breach occurs.
For organisations managing large and heterogeneous IoT, OT, and IoMT fleets, microsegmentation is critical because connected devices differ fundamentally from traditional IT assets. You cannot patch many of them; they often have hard-coded default passwords, and most were designed around functionality rather than security. Microsegmentation becomes a compensating control, limiting what an attacker can reach even if they compromise a vulnerable device.
IoT Insider: How does this work in practice, say, in a hospital?
Somasundaram: Suppose a hospital has 15,000 connected medical devices. Our platform identifies every cyber asset down to its make, model, and software version – from infusion pumps and MRI machines to networked HVAC systems. We then analyse each device’s communication patterns: what it talks to, when, and why.
For example, an infusion pump may only need to communicate with the hospital’s EHR system and a specific monitoring station. Through our Cisco ISE integration with SGACL support, Asimily automatically generates access control policies that allow exactly that traffic and block everything else – without disrupting clinical workflows.
IoT Insider: How do you prioritise which devices to segment first?
Somasundaram: The intelligence we provide guides risk-based prioritisation across the asset inventory. Not every IoT or OT device requires the same level of segmentation urgency. A critical CVSS vulnerability might be irrelevant if the device is already isolated, while a medium-severity vulnerability on a device in a flat network segment can be high-priority. We highlight the top 1% of devices that present the highest risk and should be segmented first.
IoT Insider: What does microsegmentation achieve for devices that can’t be patched?
Somasundaram: Even if a device can’t be patched or hardened, microsegmentation controls its network exposure. We define which systems it legitimately needs to communicate with and block everything else. If an attacker compromises that device or attempts lateral movement, those attempts are automatically blocked.
IoT Insider: Why do so many segmentation projects fail?
Somasundaram: About 80% of segmentation projects fail because traditional approaches lack the device context needed for precise policies. Teams end up with rules that are either too permissive – failing to reduce risk – or too restrictive, breaking workflows. Our approach combines deep device intelligence with behavioural analysis, validates policies before deployment, and continuously monitors for configuration drift, making microsegmentation achievable for IoT and OT environments.
IoT Insider: Is this approach limited to healthcare?
Somasundaram: Not at all. In manufacturing, for example, a programmable logic controller on a factory floor may only need to talk to specific systems. We identify those patterns, generate policies, and integrate with existing NAC infrastructure to enforce them without disrupting operations. The principles apply wherever network-connected devices operate in critical environments.
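The mechanics described in the interview above (learning a device's legitimate peers and emitting allow-exactly-that, deny-everything-else rules; ranking a medium-severity flaw on a flat segment above a critical one on an already-isolated device; and flagging configuration drift after deployment) can be shown in a small worked example. The code below is an added illustration written for this article; it is not Asimily's, Cisco's or IoT Insider's code. Every device name, flow, CVSS value and criticality rating is constructed, the rendered rule text is a generic allow/deny notation rather than Cisco ISE SGACL syntax, and the exposure-weighted risk formula is an assumption chosen to demonstrate the prioritisation idea, not a published scoring method.

```python
"""Allowlist microsegmentation policy from observed device flows.

Added example, not vendor code. All devices, flows, scores and the
rule notation are constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    port: int


@dataclass
class Device:
    name: str
    cvss: float      # highest CVSS base score among known issues (constructed)
    isolated: bool   # already behind a restrictive segmentation policy?
    criticality: int  # 1 (low) .. 5 (patient-safety / production critical)


# Constructed baseline: what each device was observed talking to while
# behaving normally (the "what it talks to, when, and why" step).
BASELINE_FLOWS = [
    Flow("infusion-pump-01", "ehr-server", "tcp", 443),
    Flow("infusion-pump-01", "monitor-station-3", "tcp", 8443),
    Flow("infusion-pump-01", "dns-01", "udp", 53),
    Flow("mri-01", "pacs-server", "tcp", 104),
    Flow("mri-01", "ntp-01", "udp", 123),
]

# Constructed inventory used for risk-based prioritisation.
DEVICES = [
    Device("infusion-pump-01", cvss=9.8, isolated=True, criticality=5),
    Device("hvac-ctrl-02", cvss=5.5, isolated=False, criticality=3),
    Device("mri-01", cvss=7.2, isolated=False, criticality=5),
    Device("badge-reader-07", cvss=4.0, isolated=True, criticality=1),
]


def build_allowlist(flows):
    """Group observed flows per source device into its set of allowed peers."""
    allow = defaultdict(set)
    for f in flows:
        allow[f.src].add((f.dst, f.proto, f.port))
    return dict(allow)


def is_permitted(allowlist, flow):
    """Default-deny check: only a learned (peer, proto, port) triple passes.
    A source with no policy at all is denied rather than allowed."""
    return (flow.dst, flow.proto, flow.port) in allowlist.get(flow.src, set())


def render_rules(device, allowlist):
    """Render one device's policy as ordered allow rules plus a final deny.
    Generic notation for illustration; not Cisco ISE SGACL syntax."""
    rules = [f"permit {proto} dst {dst} port {port}"
             for dst, proto, port in sorted(allowlist.get(device, set()))]
    rules.append("deny any log")
    return rules


def detect_drift(allowlist, current_flows):
    """Flows seen after deployment that the baseline policy does not cover.
    These are either new legitimate needs or a device reaching where it
    should not; both deserve a look."""
    return [f for f in current_flows if not is_permitted(allowlist, f)]


def risk_score(dev):
    """Exposure-weighted score (assumed formula): a device that is already
    isolated gets its CVSS discounted, so a medium-severity issue on a flat
    segment can outrank a critical one behind an existing policy."""
    exposure = 0.25 if dev.isolated else 1.0
    return round(dev.cvss * exposure * dev.criticality, 2)


def prioritise(devices, top_fraction=0.5):
    """Names of the highest-risk fraction of the fleet, segment-first order."""
    ranked = sorted(devices, key=risk_score, reverse=True)
    n = max(1, int(len(ranked) * top_fraction))
    return [d.name for d in ranked[:n]]


if __name__ == "__main__":
    policy = build_allowlist(BASELINE_FLOWS)
    for dev in policy:
        print(dev, render_rules(dev, policy))
    later = BASELINE_FLOWS + [Flow("mri-01", "file-share-9", "tcp", 445)]
    print("drift:", detect_drift(policy, later))
    print("segment first:", prioritise(DEVICES))
```

Running the script prints each device's rules, reports the constructed SMB flow from `mri-01` as drift because it was never in the baseline, and lists `mri-01` and `hvac-ctrl-02` ahead of the infusion pump: the pump carries the highest CVSS score but is already isolated, which is exactly the ordering the interview argues for.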