The Golden Age of Microsegmentation: How Healthcare Organizations Are Revolutionizing Medical Device Security in 2025
by William Toll on Jun 4, 2025 11:05:24 AM
Healthcare cybersecurity stands at a critical inflection point. With over 44,000 security professionals gathering at RSAC 2025 in San Francisco, one conversation captured the industry's most pressing challenge: securing the explosive growth of medical devices while maintaining the operational integrity that saves lives. In an exclusive interview, David Holmes (author of The Forrester Wave™: Microsegmentation Solutions, Q3 2024, CTO for Application Security at Imperva, former Forrester analyst, and member of the Elisity Strategic Advisory Board) joined Skip Sorrels, Field CTO-CISO at Claroty, to reveal why we're entering what Holmes himself termed "the golden age of microsegmentation" – and why this matters more for healthcare than any other sector.
The Evolution of Microsegmentation: From Data Centers to Healthcare Environments
When Holmes authored the Forrester Wave Microsegmentation Solutions, Q3 2024 report, he documented a remarkable transformation in microsegmentation technology. "Just two years ago, microsegmentation was primarily about layer 3 network controls in data centers," Holmes explained during the interview. "Today, we're microsegmenting public cloud workloads, microservices, operational technology, and – critically for this conversation – healthcare environments with sophisticated approaches that were impossible before."
This evolution is particularly significant for healthcare organizations. As Holmes noted in his Forrester research, vendors like Elisity have developed approaches specifically suited to "device-heavy environments like OT and healthcare," where traditional network-based segmentation has consistently failed. The ability to microsegment at the network switch level, combined with identity-based policies that include EDR risk scores, represents a fundamental shift in what's possible for medical device security.
The Healthcare Security Crisis: Why Traditional Approaches Fall Short
Healthcare organizations face a unique cybersecurity paradox. Unlike other industries where a security incident might mean financial loss or reputational damage, in healthcare, cyber attacks can directly impact patient care and cost lives. As Holmes emphasized during the interview, "Healthcare has this additional burden where if something goes wrong, it's not just about data or money – it's about human lives."
The numbers paint a sobering picture. According to discussions at RSAC 2025, healthcare organizations typically manage thousands of medical devices – from MRI machines and infusion pumps to patient monitors and surgical robots. Many of these devices run on legacy operating systems, cannot accept security agents, and were never designed with cybersecurity in mind. This creates what security professionals call an "expanded attack surface" that traditional security tools simply cannot protect.
Skip Sorrels brought decades of healthcare IT experience to the conversation, noting that "The challenge in healthcare isn't just about the volume of devices – it's about the criticality. You can't just shut down an MRI machine for a security update when there's a patient inside who needs immediate imaging for a stroke diagnosis."
Understanding the Regulatory Landscape: HIPAA, HHS 405(d), and Beyond
The regulatory environment adds another layer of complexity to healthcare cybersecurity. During their discussion, both experts highlighted how regulations like HIPAA and HHS 405(d) have evolved to address modern threats, but implementation remains challenging for most organizations.
"HHS 405(d) specifically calls out network segmentation as a critical control," Sorrels explained. "But the guidance assumes you can implement traditional segmentation approaches that simply don't work in healthcare environments. You can't redesign your entire network architecture when you have life-critical systems running 24/7."
Holmes added perspective from both his Forrester research and his work with healthcare organizations globally: "The regulatory requirements are getting more specific about segmentation, but they're often written by people who don't understand the operational realities of a hospital. That's where modern microsegmentation becomes transformative – it allows you to meet and exceed regulatory requirements without disrupting patient care."
The conversation revealed that many healthcare organizations struggle with basic compliance because traditional segmentation projects take years to implement and often fail due to complexity. This gap between regulatory requirements and practical implementation has left many hospitals vulnerable to ransomware and other attacks.
The Revolution: Identity-Based Microsegmentation Transforms Healthcare Security
The interview unveiled a fundamental shift in how leading healthcare organizations approach network security. Instead of relying on traditional network-based controls like VLANs and firewalls, modern microsegmentation uses device identity and context to create dynamic security policies.
"What we're seeing with platforms like Elisity is a complete reimagining of how segmentation works," Holmes observed, drawing on his Forrester Wave analysis. "Instead of trying to redesign your network, you're overlaying intelligent security policies based on what a device is, not where it sits on the network."
Holmes' research documented how these new approaches support what he called "bangin' features like auto-quarantine, emergency button (mass quarantine), and live recovery during an active ransomware attack" – capabilities that simply didn't exist when he wrote the previous Forrester Wave report just two years earlier.
This approach solves several critical challenges unique to healthcare:
Rapid Deployment Without Disruption
Traditional segmentation projects in healthcare often take 12-18 months per facility. Modern microsegmentation can be deployed in weeks or even days, without any network downtime. As demonstrated at RSAC 2025, healthcare organizations are achieving full segmentation across multiple sites in timeframes that would have been impossible just two years ago. Aaron Weismann, CISO, Main Line Health, and James Winebrenner, CEO of Elisity, discuss these timelines in an interview on theCUBE at RSAC 2025.
Comprehensive Device Discovery
Healthcare IT teams often don't know what devices are on their networks. Modern platforms automatically discover and classify every connected device – from advanced imaging systems to simple IoT sensors. This visibility alone represents a massive security improvement for most hospitals.
Dynamic Policy Management
Unlike static network rules, identity-based policies adapt as devices move or change. A portable ultrasound machine maintains appropriate access whether it's in the emergency room, operating theater, or patient floor – something impossible with traditional network segmentation.
Real-World Impact: How Leading Healthcare Systems Are Implementing Modern Microsegmentation
The conversation included compelling examples of healthcare organizations successfully implementing microsegmentation. While specific names were protected for security reasons, the patterns were clear and aligned with what Holmes documented in The Forrester Wave™: Microsegmentation Solutions, Q3 2024:
Manufacturing and Pharmaceutical Integration
One Fortune 500 pharmaceutical company mentioned in the discussion reduced their segmentation timeline from years to weeks across 240 sites globally. By using identity-based microsegmentation, they discovered over 510,000 unmanaged IoT and OT devices that were previously invisible to their security team.
Critical Access Hospitals
Smaller healthcare facilities, which often lack extensive IT resources, are finding particular value in modern approaches. "These hospitals can't afford a team of network engineers to manage complex segmentation," Sorrels noted. "But with platforms that leverage existing infrastructure and automate policy creation, even a small IT team can achieve enterprise-grade security."
Multi-Site Health Systems
Large health systems with dozens of facilities are using microsegmentation to create consistent security policies across all locations while still allowing for site-specific requirements. This standardization dramatically reduces both security risk and operational complexity.
The Technology Stack: Integrating Asset Intelligence with Policy Enforcement
A key theme in the interview was the importance of integration between asset discovery platforms and policy enforcement systems. The discussion highlighted how platforms like Claroty xDome provide deep visibility into medical devices and OT systems, while Elisity's microsegmentation platform uses this intelligence to create and enforce granular security policies.
"The magic happens when these systems talk to each other," Holmes explained. "Claroty identifies a CT scanner, understands its vulnerabilities and communication patterns, and Elisity automatically creates appropriate security policies. It's this integration that makes microsegmentation practical in healthcare."
The bidirectional integration means that not only does Elisity receive device intelligence from Claroty, but it also shares policy enforcement status back. This creates a closed-loop system where security teams can verify that every discovered device is properly protected – a capability that's particularly crucial for meeting regulatory requirements.
Holmes noted that this level of integration represents the maturation of the microsegmentation market: "When I evaluated these vendors for the Forrester Wave, what struck me was how far we've come from simple network rules to sophisticated, identity-aware policies that can leverage data from multiple security tools."
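The identity-based policy model and the closed-loop coverage check described in this section can be sketched as follows. This is an added example, not code from Elisity, Claroty or the interview; the record fields, policy table, group names, risk threshold and sample devices are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    mac: str
    device_class: str  # identity attribute from asset discovery
    vlan: int          # where the device is plugged in right now
    risk: int          # 0-100 risk score (assumed scale)

# Hypothetical identity policy: keyed on what the device is, never on its VLAN.
POLICY = {"ultrasound": {"pacs", "ehr-interface"}, "infusion-pump": {"pump-server"}}
# Static location rule for comparison: anything on VLAN 110 (ER) may reach PACS.
VLAN_RULES = {110: {"pacs"}}
QUARANTINE_AT = 80  # assumed auto-quarantine threshold

def decide(dev, dest_group):
    """Identity-based verdict: 'allow', 'deny' or 'quarantine'."""
    if dev.risk >= QUARANTINE_AT:
        return "quarantine"
    # Classes with no policy entry are denied by default.
    return "allow" if dest_group in POLICY.get(dev.device_class, set()) else "deny"

def decide_by_vlan(dev, dest_group):
    """Location-based verdict, as a VLAN ACL would give it."""
    return "allow" if dest_group in VLAN_RULES.get(dev.vlan, set()) else "deny"

def coverage_gaps(discovered, enforced_macs):
    """Closed-loop check: discovered devices with no confirmed enforcement."""
    return sorted(d.mac for d in discovered if d.mac not in enforced_macs)

# Constructed sample data.
ER_CART = Device("02:00:00:00:00:01", "ultrasound", vlan=110, risk=20)
OR_CART = Device(ER_CART.mac, "ultrasound", vlan=240, risk=20)  # same cart, moved
PUMP = Device("02:00:00:00:00:02", "infusion-pump", vlan=110, risk=85)
UNKNOWN = Device("02:00:00:00:00:03", "unclassified", vlan=110, risk=10)
INVENTORY = [ER_CART, PUMP, UNKNOWN]
ENFORCED = {ER_CART.mac, PUMP.mac}  # MACs the enforcement side reports back

if __name__ == "__main__":
    for d in (ER_CART, OR_CART, PUMP, UNKNOWN):
        print(d.mac, d.vlan, decide(d, "pacs"), decide_by_vlan(d, "pacs"))
    print("no enforcement confirmed:", coverage_gaps(INVENTORY, ENFORCED))
```

The VLAN rule blocks the ultrasound cart once it moves and lets the unclassified device on the same VLAN reach PACS, while the identity policy gives the cart the same verdict in both locations and denies the unknown device.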
Looking Ahead: The Future of Healthcare Cybersecurity
As the interview concluded, both experts shared their vision for the future of healthcare security. The consensus was clear: microsegmentation is moving from an advanced capability to a fundamental requirement.
"In five years, we'll look back at network security without microsegmentation the same way we now view networks without firewalls – as fundamentally incomplete," Holmes predicted, echoing themes from his Forrester research.
Sorrels added a practical perspective: "The attacks aren't slowing down. If anything, they're accelerating. Healthcare organizations that don't implement microsegmentation aren't just falling behind on compliance – they're putting patient care at risk."
Holmes reflected on the rapid evolution he's witnessed: "When I wrote about microsegmentation being at the dawn of its golden age, I was documenting a technological leap. But what we're discussing today – the real-world implementation in healthcare – that's where the rubber meets the road. It's one thing to have the technology; it's another to see it protecting patient care."
Taking Action: Your Path to Secure Healthcare IT
The interview made clear that while the challenges facing healthcare IT are significant, the solutions are now mature and proven. As Holmes documented in the Forrester Wave, "microsegmentation buyers have more choices than ever and can have some confidence that these once-failure-prone projects may actually work this time."
For healthcare CISOs and security leaders, the message from RSAC 2025 is clear: the golden age of microsegmentation has arrived, and early adopters are already seeing transformative results. Whether driven by regulatory compliance, ransomware concerns, or the fundamental need to protect patient care, the time to act is now.
To learn more about the specific strategies and technologies discussed in this interview, watch the full conversation between David Holmes and Skip Sorrels. Their insights, drawn from decades of experience, cutting-edge research, and the latest developments from RSAC 2025, provide a roadmap for any healthcare organization ready to transform their security posture while maintaining the operational excellence that defines modern healthcare.
The complete interview, including detailed technical discussions and additional case studies, is available for viewing. Don't miss this opportunity to learn from two of healthcare IT security's most experienced voices – including the analyst who literally wrote the book on modern microsegmentation – as they chart the path forward for medical device security and network microsegmentation.