Medical Device Security Transformed: A Conversation with Industry Leaders at RSAC 2025 about Network Segmentation

Elisity RSAC Interview with David Holmes, CTO for Application Security at Imperva, and well-known industry analyst for cybersecurity, member of the Elisity Strategic Advisory Board, and Skip-Sorrels, Field CTO - CISO at Claroty: Network Segmentation and Healthcare IT - Past, Present and Future.

RSAC 2025 Interview Summary: The Golden Age of Microsegmentation in Healthcare IT

At RSAC 2025, David Holmes (CTO, Imperva) and Skip Sorrels (Field CTO/CISO, Claroty) explored the revolutionary transformation of network segmentation in healthcare environments, highlighting how modern solutions are finally solving decade-old challenges.

Healthcare's Unique Challenge

Sorrels, drawing from six years as a healthcare CISO, highlighted the sector's distinct challenge: medical devices with 15-20 year lifespans that eventually lose vendor security support while remaining clinically operational. "Risk begins to go up while the useful lifespan continues," he explained. "The only way you can really buy yourself time is through microsegmentation."

Traditional NAC implementations promised 2-3 year deployment cycles but delivered operational nightmares. With millions of IPs active daily and the impossibility of installing agents on IoMT devices, healthcare organizations faced insurmountable barriers to effective network segmentation.

Elisity's Breakthrough: Network-Based Microsegmentation

Holmes proclaimed we're in "the golden age of microsegmentation," specifically citing how Elisity solved what legacy vendors couldn't. "Elisity actually gets the network to do the work," he emphasized, contrasting this with the decade-long struggle where network vendors failed because "the networking community is in the business of connecting things, not shutting them down."

Unlike traditional approaches requiring agents or complex VLANs, Elisity enables rapid implementation using existing infrastructure—crucial for healthcare where IoMT devices cannot support agents and clinical operations cannot tolerate disruption.

Claroty-Elisity Integration: Accelerating Value

The integration fundamentally changes microsegmentation economics. Sorrels described their automated workflow: when Claroty detects a new device, it communicates with Elisity to determine if it's a "known good entity," automatically assigning appropriate segmentation or quarantining for evaluation.

This automation solves what Holmes called the traditional microsegmentation nightmare—years of traffic analysis followed by an "enforcement button" that breaks critical systems. Instead, the solution enables "horizontal microsegmentation" where policies apply based on Claroty-identified device types (e.g., all video cameras restricted to specific server communications).

HHS 405(d) and HIPAA Compliance

This approach directly addresses HHS 405(d) requirements and HIPAA mandates for network segmentation. Healthcare organizations can now implement granular segmentation, enforce least-privilege access, and maintain real-time visibility—all without the operational overhead that made compliance nearly impossible with legacy solutions.

"Quarantine" capabilities, previously non-existent in traditional microsegmentation, now allow healthcare IT to evaluate unknown devices without completely blocking potentially critical clinical equipment—addressing the fear of "mad clinicians" when legitimate devices are denied access.

Zero Trust Pragmatism

Both experts offered realistic Zero Trust perspectives. Rather than treating it as unreachable nirvana, they emphasized progress through replacing implicit trust with explicit policy. "If you're doing it in the network with Elisity and you're in blocking mode, you have made huge strides toward Zero Trust," Holmes stated.

AI's Healthcare Impact

The conversation concluded with AI security insights. Sorrels shared how his organization immediately blocked ChatGPT after discovering clinicians unknowingly introduced PHI into AI platforms through dictation and x-ray uploads. Both agreed that while AI-Zero Trust integration remains nascent, foundational microsegmentation becomes even more critical as healthcare explores AI adoption.

This RSAC discussion illuminated how modern microsegmentation solutions like Elisity, integrated with platforms like Claroty, are finally delivering practical, implementable network security that addresses healthcare's unique challenges while meeting stringent regulatory requirements.