In brief: With NIS2, microsegmentation becomes a mandatory measure for enterprises to prevent lateral movement after network intrusion and technically implement Zero Trust.
With the entry into force of the new BSI Act on 6 December 2025, enterprises must implement the European NIS2 Directive. Microsegmentation thereby becomes an essential technical requirement for legally mandated network security.
The NIS2 Directive requires affected enterprises to register with the BSI no later than 31 July 2026 and demands strict risk management measures as well as contemporary security concepts. The Directive requires protection against lateral movement in the network, implementation of Zero Trust, compliance with technical minimum standards, as well as comprehensive risk analysis and visibility of network communication.
Microsegmentation addresses these requirements by dividing networks into isolated units at the workload or application level. This prevents attackers from spreading unimpeded laterally after intrusion. In implementation, the Zero Trust principle applies: every data flow between segments must be explicitly authorized, authenticated, and continuously monitored. Furthermore, NIS2 requires the separation of IT and OT systems, which is technically implemented through microsegmentation.
Another aspect is IT risk management. The introduction of microsegmentation forces enterprises to fully capture and document their communication flows. This traffic mapping provides the necessary information for the risk analysis required by NIS2.
A current study, the 2026 Lateral Movement Exposure Report by Zero Networks, based on 54 trillion activities across 312 enterprise environments, underscores the urgency: 80 percent of enterprise servers are reachable from anywhere within the network. Internal data traffic (East-West traffic) accounts for over 70 percent of enterprise communication but often remains unprotected. The study also shows that 87 percent of servers accept RDP or SSH connections from many internal sources and 78 percent are accessible via management protocols such as SMB or WinRM—precisely those protocols that attackers use for ransomware distribution.
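As an added example (not code from the it-daily.net article or from Zero Networks), the following Python script carries the steps described above through on constructed flow records: it maps observed traffic per segment pair (the traffic mapping the risk analysis needs), computes exposure figures of the kind the report quotes (servers accepting RDP or SSH from several internal sources, servers reachable over SMB or WinRM), and derives a default-deny allow-list in which only explicitly listed segment pairs and ports pass, with IT-to-OT crossings and remote-access or management ports reserved for an admin segment and everything else queued for review. Host names, segment labels, the flow log and the `many` threshold are assumptions made for the example; the port numbers are the standard assignments for RDP, SSH, SMB and WinRM.

```python
"""Traffic mapping -> exposure metrics -> default-deny segment policy.

Added example; hosts, segments, flows and thresholds are constructed for
illustration, not taken from the article or the Zero Networks report.
"""
from collections import defaultdict

# Standard service ports named in the article (real IANA assignments).
REMOTE_ACCESS = {3389: "RDP", 22: "SSH"}
MGMT_PROTOCOLS = {445: "SMB", 5985: "WinRM", 5986: "WinRM"}

# Constructed inventory: host -> (segment, domain). The "it"/"ot" domain
# models the IT/OT separation NIS2 asks for.
HOSTS = {
    "jump01": ("admin", "it"),
    "ws-17": ("office", "it"),
    "ws-23": ("office", "it"),
    "web01": ("web", "it"),
    "db01": ("db", "it"),
    "file01": ("files", "it"),
    "plc-gw": ("ot-gw", "ot"),
    "hmi01": ("ot-hmi", "ot"),
}

# Constructed flow log: (src_host, dst_host, dst_port), i.e. what a
# traffic-mapping phase would collect from flow records or agents.
FLOWS = [
    ("jump01", "web01", 22), ("jump01", "db01", 22), ("jump01", "file01", 3389),
    ("ws-17", "web01", 22), ("ws-23", "web01", 22), ("ws-17", "db01", 3389),
    ("ws-17", "file01", 445), ("ws-23", "file01", 445), ("web01", "file01", 445),
    ("ws-17", "db01", 5985), ("web01", "db01", 5432),
    ("ws-23", "plc-gw", 445), ("hmi01", "plc-gw", 502), ("jump01", "hmi01", 3389),
]


def traffic_map(flows, hosts):
    """Aggregate host flows into (src_segment, dst_segment) -> sorted ports.
    This is the documented communication matrix the risk analysis works from."""
    ports = defaultdict(set)
    for src, dst, port in flows:
        ports[(hosts[src][0], hosts[dst][0])].add(port)
    return {pair: sorted(p) for pair, p in ports.items()}


def exposure_metrics(flows, many=2):
    """Per destination: distinct internal sources per port, then two ratios
    in the style of the report: servers taking RDP/SSH from >= `many` sources
    and servers reachable at all over SMB/WinRM."""
    sources = defaultdict(lambda: defaultdict(set))  # dst -> port -> {src}
    for src, dst, port in flows:
        sources[dst][port].add(src)
    servers = sorted(sources)
    ra_many = [d for d in servers
               if any(len(s) >= many for p, s in sources[d].items() if p in REMOTE_ACCESS)]
    mgmt = [d for d in servers if any(p in MGMT_PROTOCOLS for p in sources[d])]
    return {
        "servers": len(servers),
        "remote_access_from_many": ra_many,
        "mgmt_reachable": mgmt,
        "pct_remote_access_from_many": round(100 * len(ra_many) / len(servers)),
        "pct_mgmt_reachable": round(100 * len(mgmt) / len(servers)),
    }


def build_policy(flows, hosts, admin_segments=("admin",)):
    """Turn observed flows into an explicit allow-list of (src_seg, dst_seg, port).
    Anything not in the allow-list is denied. Remote-access/management ports and
    IT<->OT crossings are only auto-allowed from admin segments; every other such
    flow lands in `review` and needs an explicit business justification."""
    allow, review = set(), set()
    for src, dst, port in flows:
        s_seg, s_dom = hosts[src]
        d_seg, d_dom = hosts[dst]
        rule = (s_seg, d_seg, port)
        privileged = port in REMOTE_ACCESS or port in MGMT_PROTOCOLS
        crosses_domain = s_dom != d_dom
        if (privileged or crosses_domain) and s_seg not in admin_segments:
            review.add(rule)
        else:
            allow.add(rule)
    return allow, review


def is_allowed(policy, hosts, src, dst, port):
    """Zero Trust evaluation of a single flow: explicit allow, otherwise deny."""
    return (hosts[src][0], hosts[dst][0], port) in policy


if __name__ == "__main__":
    for pair, ports in sorted(traffic_map(FLOWS, HOSTS).items()):
        print(f"{pair[0]:>7} -> {pair[1]:<7} {ports}")
    print(exposure_metrics(FLOWS))
    allow, review = build_policy(FLOWS, HOSTS)
    print("allow:", sorted(allow))
    print("review:", sorted(review))
    print("ws-17 -> db01:3389 allowed?", is_allowed(allow, HOSTS, "ws-17", "db01", 3389))
```

The `review` set is the practical output: each entry is an observed flow that the default-deny policy would break, so the business owner either approves it as an explicit rule or the workload loses that path. Running the policy in a monitor-only mode against live flows for a few weeks before enforcing it is the usual way to populate that set without outages.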
Adding to this is the growing role of AI agents: approximately 80 percent of enterprises are already using internal AI, yet two-thirds have not implemented governance policies for their use, leading to uncontrolled expansion of the attack surface.
Source: www.it-daily.net · Published 25 June 2026
Lumi AI News — AI-assisted curation according to Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.7.1.