Integrative research means our extensive company research informs every thesis and perspective. The result is deep industry knowledge, expertise, and trend insights that yield valuable results for our partners and clients.

About the Author:
Howard Smith
Managing Director
Howard Smith is a managing director (office of the president) specializing in research and investment in software-as-a-service (SaaS) businesses and other business models based on information technology, particularly Internet of Things, cybersecurity, and internet infrastructure. He also built the firm’s historical research franchises in call centers and computer telephony. He is a thought leader in his sectors, having authored numerous widely read white papers. He uses his industry knowledge and expansive network to uncover promising investment opportunities and help companies navigate their strategic paths and accelerate growth. His work has been cited for excellence by the Wall Street Journal and other publications. Prior to joining First Analysis in 1994, he was a senior tax consultant with Arthur Andersen & Co. He earned an MBA from the University of Chicago and a bachelor’s degree in accounting from the University of Illinois at Urbana-Champaign. He is a certified public accountant.
First Analysis Cybersecurity Team
Howard Smith
Managing Director
Matthew Nicklin
Managing Director
First Analysis Quarterly Insights
Not a micro segment: Microsegmentation's ability to protect the cloud is big opportunity
March 16, 2021
  • As bad actors have learned to take advantage of the freedom inside a protected environment and internal threats have become better understood, cybersecurity spend has rapidly expanded from protecting internal assets from outsiders to better controlling lateral data flows within protected environments.
  • In a world where lateral data flows for a business process can now span on-premise infrastructure, a company's own data center, third-party data centers such as AWS, Azure, and Google Cloud, and hosted cloud applications from third parties, microsegmentation is a key solution in the arsenal to protect business assets. Microsegmentation divides data center and other computing assets, regardless of physical location, into logical groupings, sometime down to very basic component and workload levels, and then creates and enforces policies for each segment.
  • While microsegmentation can be highly effective and has great promise, its relatively early stage of evolution combined with its complexity mean there is a long runway for the market to grow as innovative cybersecurity companies invest to introduce better solutions. We highlight just a few of the companies providing some of today's leading solutions.


Includes discussion of PANW, VMW, ZS and three private companies

Proliferation of lateral data flows shifts the nexus of vulnerability

Microsegmentation is key to protecting today's expansive computing environment

Enormous complexity requires automation

Common implementation challenges

Tradeoffs among microsegmentation solution types

Some leading microsegmentation players

See heavy investment, new products and M&A ahead

Cybersecurity index continues to soar, pulls further ahead of Nasdaq and S&P

M&A activity slows in Q1

Q1 private placements on track to rise from Q4 low

Proliferation of lateral data flows shifts the nexus of vulnerability

Most historical security spend has focused on preventing unauthorized or inappropriate access from outside a protected environment and keeping sensitive data inside a protected environment from leaving. These data movements are commonly referred to as north-south traffic. East-west traffic, or lateral data flows, refers to flows between points within a protected environment. For example, a person sending account information to a client creates north-south traffic, while an internal accounting system pulling data from an internal payroll database creates east-west traffic. In the early days of networking, east-west traffic received much less scrutiny than north-south traffic. However, as internal threats became more appreciated and bad actors learned to take advantage of the freedom they found once they had penetrated a protected environment, security postures changed to pay much more attention to east-west traffic.

Fast forward to today's networking environment where data is located in a combination of on-premise infrastructure, a company's own data center, third-party data centers such as AWS, Azure, and Google Cloud, and hosted cloud applications from third parties. A single application or workflow may use and pull data from all of these. For example, a cloud based payroll system may pull hours worked by employees from systems hosted in a third party data center and from on-premise databases. In this type of data environment, enterprises cannot rely on north-south focused network-based firewall architectures because lateral data flows are just as critical and trying to firewall every segment based on IP address mapping is difficult and largely ineffective at preventing attacks.

To access the full report, please provide your contact information in the form below. A First Analysis representative will follow up with you shortly. Thanks for your interest in First Analysis research.
First Name required!
Last Name required!
Email required!
Industry required!
Unfortunately, your request to access the complete report has failed.

Please check the contact information you have entered.

If the form submission failure persists, please contact Person at (xxx) xxx-xxxx to handle your request. Thank you.
©2024 by First Analysis Corporation.
One South Wacker Drive
Suite 3900
Chicago, IL 60606