Inside the Transformation: How Main Line Health Secured its Network Without Disruption

Accelerating Zero Trust with Identity-Based Microsegmentation in Healthcare

In the fast-evolving landscape of healthcare cybersecurity, one of the most pressing challenges organizations face is implementing effective security controls without disrupting critical patient care. At RSAC 2025, theCUBE's John Furrier sat down with Aaron Weismann, CISO of Main Line Health, and James Winebrenner, CEO of Elisity, to discuss how they tackled this challenge through a groundbreaking microsegmentation implementation that earned both CSO50 and CIO100 recognition.

The Modern Healthcare Security Challenge

Healthcare organizations face unique cybersecurity obstacles. They maintain a complex mix of systems – from traditional IT assets to medical IoT devices, many of which run embedded operating systems that cannot be patched or have EDR installed. As Aaron Weismann points out, "We have a very difficult time handling non-traditional compute because of not having tooling specifically designed to address and manage those devices."

With threat actors increasingly targeting healthcare with sophisticated attacks, the need for microsegmentation has become critical. According to Weismann, attackers are "becoming more vicious, targeting health systems in particular as well as other critical infrastructure. And they're doing so because regulatory breaches and patient dignity impacts are revenue drivers for them."

Securing Without Disruption: The Implementation Story

The implementation story at Main Line Health demonstrates how modern approaches to network security can overcome traditional barriers. What previously might have required years of work was accomplished in just a few months.

"The reason Elisity was so attractive to us is, it is, as James mentioned, downtime-less deployment," explains Weismann. "And it just works, right? As soon as you deploy it, it starts looking at everything on the network and determining whether or not it's appropriate for something to communicate."

Winebrenner highlighted the scale of traditional approaches by comparing to another customer who estimated their pre-Elisity network security project at "$200 million... a six-year project plan with 3,500 change control windows." In contrast, Main Line Health's implementation of Elisity that took just "a few months."

Turning Challenge into Opportunity

Perhaps most fascinating was how Main Line Health turned necessary network upgrades into an opportunity to improve organizational resilience. As part of implementing Elisity's microsegmentation, they needed to upgrade network equipment and firmware, which created planned downtime.

Weismann and his team brilliantly leveraged this situation: "We created the system where we use that downtime to take the tabletop exercise to the end user. So all of our clinicians were forced to go to downtime. We were able to disguise that technical downtime... and really reinforce the resilience of, 'Hey, you might have to go to paper if there's a ransomware attack.'"

This innovative approach earned Main Line Health both the CSO50 and CIO100 awards, demonstrating how security implementations can deliver multiple organizational benefits when approached thoughtfully.

Technology That "Just Works"

The interview highlighted the fundamental architectural advantages of Elisity's approach to microsegmentation. Winebrenner explained: "What we have done is decouple the network infrastructure from the desired business logic. Elisity built a software-defined control plane that we can extend out into the existing infrastructure, gather metadata about what's communicating, marry that up with other sources of identity and context that exist in the customer's environment... and then allow them to build that policy based on the identity and context, not the underlying network construct."

This decoupling from traditional network architectures enables organizations to implement zero-trust access controls without the massive disruption typically associated with segmentation projects.

Key Lessons for Security Leaders

The conversation revealed several critical insights for healthcare and industrial security leaders:

1. Engage clinical stakeholders: "Clinical operations actually loves helping technology design," Weismann noted. "If you start introducing these concepts and communicating in a clinically relevant way, you're going to be able to get really solid buy-in from your clinical operators."

2. Prioritize non-disruptive approaches: The ability to implement security without disrupting operations is paramount. Weismann emphasized that "the speed to being able to block unwanted communications across the network has been absolutely incredible."

3. Build resilience with tabletop exercises: Use security implementations as opportunities to strengthen organizational readiness. When clinicians experienced paper-based workflows, they recognized that "any technology supported care is better than analog care," reinforcing the value of the security investments.

The Impact Beyond Implementation

The success story extends beyond Main Line Health. Winebrenner noted, "We're already working with three or four other regional health systems in the based on the work that we did with Main Line."

More broadly, this approach helps transform traditionally adversarial relationships between security and infrastructure teams. By removing the friction of continuous network changes for security purposes, organizations can focus on their core missions.

As Weismann summarized the impact: "We're certainly able to sleep easier at night, especially as we see larger and larger ransomware attacks hit the healthcare vertical. We definitely don't want to be a victim of that, and therefore, anything we could do to mitigate the potential impacts of a cyber attack that could lead to a ransomware attack absolutely gives us peace of mind."

For CISOs facing the dual pressures of enhanced security and operational continuity, Main Line Health's implementation provides a compelling model for accelerating zero trust adoption without the traditional tradeoffs.

Watch the full theCUBE interview to learn more about this award-winning implementation and how Elisity is helping healthcare organizations achieve microsegmentation in weeks, not years.