
Scott Alldridge, CEO of IP Services, likens microsegmentation to a hotel experience.
“You go to the front counter. You present your ID. They authenticate you,” he explains. “They give you a key card. You can go into the exercise center, sometimes a lounge, but you can’t go into other guest bedrooms or the back office. They’re really controlling for a point in time.”
Controlling access case by case, he says, restricts “east-to-west” movement within a network. If a breach occurs, the intruder’s ability to move laterally is severely limited. And moving they are. According to The Hacker News, “over 70% of successful breaches involving attackers moving laterally.” This, they say, is causing “organizations to consider rethinking how they secure internal traffic.”
Enter microsegmentation and zero trust.
Microsegmentation Comes of Age Alongside Zero Trust
A regular contributor to Forbes, Alldridge traces his passion for technology to his high school days, when he hid a Commodore 64 underneath his bed in case friends stopped by. At age 19, he started a software company, then reinvented network integration and IT security for MicroAge Inc., a company on the Fortune 500 list for the final five years of the last century.
Alldridge’s experience comes by way of deep learning through his IT Process Institute, a research organization that studies IT values. One of his chief findings: 70% to 80% of downtime correlates with unauthorized change, the core battle zero trust is known to win. Microsegmentation, Alldridge points out, is central to zero trust, which takes a “never trust, always verify” approach to eliminating and reducing attacks.
Before 2020, he says, perimeter-based security was widely adopted. By 2024, as Alldridge was making the final edits to his 468-page book “The Visible OPS Cybersecurity: Enhancing your Cybersecurity Posture with Practical Guidance” (more than 400,000 copies sold), zero trust was gaining broader adoption.
Still, in OT environments, microsegmentation was sorely needed but not exactly wanted.
Granular security in an environment requiring 24/7 uptime was perceived as complex and risky. Many industrial devices and systems were not designed with security in mind. Plus, there were legitimate barriers to contend with: the constraints of legacy equipment, patches bridging gaps with modern technology, an increased number of devices, and an outdated assumption that operations are off the radar of threat actors.
“And so what we’re learning is how to protect those systems,” he says. “Some are SCADA, they’re dated, and a lot of them don’t have the ability to put proper security in place. In a lot of the industrial applications of technology, they’re using third parties to use specific machines, from water pump monitoring devices to CNC machines that cut wood and cabinets to logging and tractors that are in the field. They haven’t thought about the security aspects. Much like we’ve made progress on the electrical grids and the dams and the municipalities to some degree, they’re still working on it, though.”
A zero-trust approach, combined with microsegmentation, allows organizations to “apply policies and add procedures … to basically block access, make it impenetrable – unless you allow and open up access to a specific person, individual, a particular network point, or a particular workload or application,” he adds.
Microsegmentation Keeps AI in Check
While AI has been around since the 1950s, it is now the go-to for many – from the curious retiree to employees using “shadow” AI to write emails and strategic plans to students looking for a good introduction for their research paper.
In his Forbes article “How AI Isn’t Just Improving Attacks, But Making Them Continuous,” Alldridge warns of AI’s security risks with the same urgency as Paul Revere’s midnight ride.
An excerpt from his article explains why: “By enforcing least privilege communication at the workload, application, and data layer, microsegmentation turns a single compromise into a contained incident instead of an enterprise-wide event. It doesn’t rely on signatures. It doesn’t wait for alerts. It simply makes movement impossible unless explicitly allowed. That’s the key shift: from detection-based defense to architectural containment. When microsegmentation is combined with zero-trust principles, attackers can still get in, but they can’t spread. And in the age of AI, stopping spread matters more than stopping entry.”
Alldridge differentiates between generative AI (GenAI) and agentic AI, explaining that while GenAI is popular for creating content, agentic AI refers to intelligent agents capable of autonomous actions within networks.
Agentic AI, he says, could identify vulnerabilities, such as open network ports or improperly protected application programming interfaces (APIs), and potentially exploit them. He points out that agentic AI can act quickly, communicating across the network to find and create new breaches or move laterally – that “east-to-west” direction mentioned earlier – within the network.
Microsegmentation and zero-trust principles, which both reduce the attack surface and limit the blast radius, counteract AI-driven threats that can create more sophisticated cybersecurity problems.

AI agents are “going to be very intelligent,” he explains. “They may see something is open over here and there’s some ports open on the network that should have been shut down on the firewall of the switch or whatever.” If AI sees an application like an API that’s not properly protected, an application interface, or a non-human interface, AI agents could communicate internally, educate themselves, and create a new breach or move quickly east to west along the network.
If you think ambitious AI agents sound like science fiction, take a look at this example Alldridge shares.
A midsize parts manufacturer recently implemented AI-driven production scheduling and supplier integration tools. In so doing, they exposed several APIs to connect their ERP system to logistics partners and automated warehouse robots.
One weekend, an AI agent embedded in a compromised third-party vendor application began scanning internally. Not good. It detected an open management port on a network switch that had been left exposed after a firewall rule change during maintenance. It also found an internal API used for machine telemetry that lacked proper authentication between non-human service accounts.
The rogue AI agent didn’t “hack” in the traditional sense. It mapped the environment in seconds, educated itself on accessible interfaces, and began moving laterally, east to west, across the flat portions of the network.
Within minutes, the AI agent accessed the production planning server and exfiltrated proprietary CAD files and supplier pricing data.
By Monday morning, plant operations were halted by ransomware deployed through the same unmanaged API pathway.
The root cause wasn’t sophisticated malware; it was poor network segmentation, unprotected APIs, and non-human identities without zero trust controls.
The AI agent simply exploited what was already open.
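To make the containment argument concrete, the following added example (not code from the article, IP Services, or FreeWave) compares the worst-case blast radius of a compromised vendor application on a flat network with the same network under a default-deny allowlist. The workload names, the allowlist, and the observed flows are constructed for illustration and loosely follow the scenario above.

```python
from collections import deque

# Constructed workload names modelled on the scenario above (assumptions).
WORKLOADS = ["vendor-app", "erp", "logistics-gateway", "warehouse-robots",
             "telemetry-api", "switch-mgmt", "production-planning"]

# Flat network: any workload may open a connection to any other.
FLAT = {(s, d) for s in WORKLOADS for d in WORKLOADS if s != d}

# Microsegmented network: default deny, only these (source, destination)
# flows are explicitly allowed. Hypothetical policy, not a vendor format.
SEGMENTED = {
    ("vendor-app", "logistics-gateway"),
    ("erp", "logistics-gateway"),
    ("erp", "production-planning"),
    ("erp", "warehouse-robots"),
    ("warehouse-robots", "telemetry-api"),
}

def blast_radius(start, allowed):
    """Worst case: every workload reachable from `start` by chaining allowed flows."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for src, dst in allowed:
            if src == node and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

def violations(observed, allowed):
    """Observed flows with no explicit allow rule; default deny blocks each one."""
    return [flow for flow in observed if flow not in allowed]

# Constructed flow records resembling the weekend activity described above.
OBSERVED = [
    ("vendor-app", "logistics-gateway"),
    ("vendor-app", "switch-mgmt"),
    ("vendor-app", "telemetry-api"),
    ("vendor-app", "production-planning"),
]

if __name__ == "__main__":
    print("flat:", sorted(blast_radius("vendor-app", FLAT)))
    print("segmented:", sorted(blast_radius("vendor-app", SEGMENTED)))
    for src, dst in violations(OBSERVED, SEGMENTED):
        print(f"deny and alert: {src} -> {dst}")
```

Because the check is transitive, it also shows which allowed flows chain into sensitive workloads: in this constructed policy a compromised `erp` still reaches four segments, so the allowlist itself deserves review.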
IP Services Becomes FreeWave’s First MSSP
The above example underscores the importance of zero trust and why restricting lateral movement is critical to protecting networks. It also explains why Alldridge’s company, IP Services, has joined FreeWave as its first Managed Security Service Provider (MSSP).
Alldridge is enthusiastic about bringing the FreeWave Zentry™ solution to clients. “Love the company, love the technology they’ve developed, love the fact that they have very deep chops and experience in securing devices and providing access securely for communications for devices. They have a lot of experience in various industries, with a lot of operational technology. I love that.”
FreeWave’s Zentry solution is a zero-trust security and connectivity solution built to secure OT, Industrial Internet of Things (IIoT), and distributed networks. Alldridge says the solution makes microsegmentation accessible by offering a subscription-based model that is easily deployed and affordable. “What they’re delivering now is a very practical and yet affordable way to deliver a zero-trust strategy at the microsegmentation layer.”
By partnering with FreeWave, IP Services can bring its “tip of the spear” cybersecurity expertise to organizations that may not have in-house microsegmentation experts.
“Security has got a shortage of people who really understand this space so bringing that kind of technical, cybersecurity expertise is so needed with all the things going on in cyber,” Alldridge says. “That’s what FreeWave and IP Services can bring to this customer base … the next level of protection and cybersecurity.”
FreeWave’s innovative solutions along with IP Services’ MSSP expertise help organizations achieve robust OT security – minimizing the attack surface and blast radius.



