Microsegmentation reduces ransomware containment time and improves cyber insurance position. This has led to half of non-adopters to plan implementation within two years, while two-thirds of current adopters expect to increase their investment.
These are among findings of research conducted by Phronesis Partners for Akamai Technologies earlier this year. It captures insights from 1,200 security and technology leaders worldwide.
“Enterprises in Asia-Pacific are racing to keep up with an evolving and fragmented regulatory landscape, compounded by tougher cyber insurance requirements and increasingly sophisticated attackers.” said Reuben Koh, Director of Security Technology & Strategy for APJ at Akamai.
“Recent breaches at major Asian manufacturers highlight how a single disruption in Asia can ripple across global supply chains, disrupting industries and everyday life,” said Koh. “This is where microsegmentation makes a real difference, it stops attacks in their tracks before they spread, helps organizations demonstrate compliance, improve their standing with insurers, and ultimately lets businesses focus on their work without the constant worry of disruption.”
While 90% of organizations have adopted some form of segmentation, only 35% have implemented microsegmentation across their network environment. This gap between intent and execution leaves many enterprises exposed to cyber threats.
In the Asia-Pacific region and Japan (APAC), adoption is slightly above the global average at 38%. China stands out as the leader, with around half of national enterprises already implementing microsegmentation. APAC enterprises are mostly cloud native from the outset, making it easier to implement workload-level controls.
Half of non-adopters plan to implement microsegmentation within two years, while more than two-thirds (68%) of current adopters expect to increase their investment.
Organizations that responded to the survey identified the following key drivers when adopting microsegmentation.
First are ransomware attacks, with 79% of organizations having experienced at least one ransomware attack in the past 24 months. Of the organizations that have adopted microsegmentation, 63% did so to help contain ransomware attacks and prevent spread across the network.
Second is protecting critical assets, with 74% of organizations adopting microsegmentation to isolate their high-risk assets from potential threats.
Third is safeguarding against internal threats, with 57% aiming to protect their systems from insider threats, whether malicious or accidental, through microsegmentation.
Fourth is meeting regulatory requirements, with 57% adopting microsegmentation to comply with regulatory standards and avoid potential penalties.
Fifth is faster incident response, with 56% wanting to respond more quickly and effectively to security incidents by implementing microsegmentation.
The report also found that security organizations, with more than US$1 billion in annual revenue, that have implemented microsegmentation reported that ransomware containment time was reduced by 33%, accelerating time to mitigation.
Cyber insurance is also becoming a must-have in today’s threat landscape. While it doesn’t replace a comprehensive security strategy, it helps organizations recover financially after a breach or ransomware attack and encourages stronger defenses with smarter risk management.
In APAC, insurers have tightened requirements before underwriting, especially following high-profile breaches. 75% of responding organizations report that insurers now assess segmentation posture during underwriting.
While insurers may stop short of explicitly mandating microsegmentation, they are expecting demonstrable evidence that organizations can protect critical systems and contain threats, in the event when endpoints are initially compromised. Security teams are being audited more closely, and policies may be rejected if fundamentals are lacking.
The report also shows that organizations increasingly associate segmentation maturity with lower insurance premiums, faster claims processing, stronger audit readiness, and better ransomware outcomes.
Organizations have reported that microsegmentation provides numerous benefits related to cyber insurance: simplified audit reporting, lower insurance premiums, and improved claim outcomes.
