Hybrid Cloud
Cyber Security & NaaS
AI & Data
IoT & Connectivity
Business Applications
Intelligent Workplace
Consulting & Professional Services
Small Medium Enterprise
Health and Social Care
Industry
Retail
Tourism and Leisure
Transport & Logistics
Energy & Utilities
Banking and Finance
Sports
Smart Cities
Microsegmentation for a solid defence and operational resilience across enterprise environments
Every week, global companies face security incidents that make headlines. Tech giants and even cybersecurity-focused vendors are not immune to successful attacks.
According to Brasscom, Brazil faced 60 billion cyberattack attempts in 2023, a year in which Latin America registered 200 billion attempt, 14.5% of the global total. These figures underscore the scale of the problem and confirm that the question is no longer if an attack will happen, but when it will happen and how severe the impact will be.
The cost remains substantial: the average global cost of a data breach dropped to $4.44 million in 2025 (a 9% decrease compared to 2024), but in the US it rose to $10.22 million, up 9% year-over-year. Another worrying indicator: the average dwell time, the time an attacker remains undetected, climbed back to 11 days, according to M-Trends 2025.
Still, amidst this seemingly bleak landscape, one key insight emerges: organisations that implement advanced network segmentation strategies can significantly limit the damage, even when an attack is successful.
What is microsegmentation?
The difference lies in microsegmentation, an advanced cybersecurity strategy that reshapes network architecture by dividing it into multiple, independent, and highly specific security zones. Each network segment operates as a standalone digital area, enabling the implementation of tailored, precise controls over data flows, users, applications, and processes.
This level of granularity makes it much harder for threats to move laterally within the network, effectively containing their reach and enabling faster, more efficient incident response. By isolating critical resources and reducing the attack surface, microsegmentation has become a cornerstone of modern enterprise defence.
Low impact: how microsegmentation limits damage
When an attacker breaches one point in the network, the difference between a widespread crisis and a contained incident is the ability to limit lateral movement. Thanks to granular segmentation, these internal ‘walls’ between workloads, users, and applications reduce the attack surface and prevent intruders from moving freely across systems.
Faster identification and containment directly correlate with lower breach costs.
Independent Zero Trust Segmentation studies show a triple-digit ROI and cumulative benefits of up to $10.2 million over four years, reinforcing the value of investing not only in prevention but also in accelerating response capabilities.
Microsegmentation can be integrated with:
- IAM (Identity and Access Management), to ensure only authorised users or systems can access specific resources.
- PAM (Privileged Access Management), to control and monitor the use of high-privilege accounts.
- MFA (Multi-Factor Authentication), which adds additional verification layers to system access.
This way, microsegmentation reduces effective privileges per workload, isolates failures, and supports SOC (Security Operations Centre) containment playbooks, turning potential disruptions into low-impact operational events.
The other side: risks of not using microsegmentation
By contrast, environments lacking microsegmentation make it easier for attackers to move laterally and escalate privileges, especially when exploiting vulnerabilities and stolen credentials.
The M-Trends 2025 report found that exploits were the initial attack vector in 33% of analysed incidents. It also showed that when detection depends on external entities, the average response time increases to 26 days, giving attackers ample time to move laterally within systems.
Lateral movement remains one of the most critical and vulnerable points in today’s attack chains. Sectors such as public services, finance, and digital infrastructure are especially exposed to ransomware and data breaches when network segmentation is weak, making it easier for damage to spread uncontrollably.
At the same time, the attack surface continues to expand: in 2025, 20% of organisations reported incidents related to “shadow AI,” adding $670 million to the average cost per incident. This highlights the growing need for granular access controls and effective isolation between integrations such as APIs and plug-ins.
Conclusion
Microsegmentation is no longer a tech trend, it has become a strategic necessity for organisations serious about their cybersecurity posture. It represents a logical step forward in network protection, offering stronger defences and greater operational resilience.
Effective microsegmentation requires specialised technical expertise, detailed planning, and continuous management. In this context, Telefónica Tech stands out as a strategic partner capable of driving this transformation forward.
Our ISO 27001-certified SOC operations, available 24/7 and backed by professionals accredited in industry-leading technologies, provide the capabilities that companies need to make microsegmentation the core of their security strategy. At Telefónica Tech, we bring extensive experience in implementing and managing granular segmentation solutions, offering expert support for businesses of all sizes, from small and medium enterprises to large corporations and public sector organisations.
■ At Telefónica Tech, we recommend viewing microsegmentation as a key component of your cybersecurity strategy. By breaking down the network into smaller segments, organisations can protect their assets more efficiently and proactively.
Photo: Susan Q Yin / Unsplash
