Title: Enhancing Network Security through Microsegmentation: Insights from Main Line Health’s Initiative
In a significant step toward bolstering network security, Main Line Health, an established provider in the Greater Philadelphia area operating five hospitals and various ambulatory care facilities, has implemented an identity-based microsegmentation strategy. This initiative aims to efficiently manage the communication of approximately 60,000 devices within the organization’s network, as articulated by Aaron Weismann, Chief Information Security Officer (CISO) of Main Line Health.
The spectrum of connected devices in Main Line’s network is diverse, encompassing laptops, printers, and specialized medical equipment. According to Weismann, these include critical tools that range from smart pumps located at patients’ bedsides to imaging machines, such as MRIs found in their imaging centers. The implementation of microsegmentation is a vital endeavor meant to ensure the security of all these devices, particularly when some of them are aged and could be vulnerable to cyber threats.
Microsegmentation denotes a technique that partitions a network into smaller, isolated segments, enhancing security by controlling how devices communicate with one another. Mick Coady, the field Chief Technology Officer at Elisity—the security vendor assisting Main Line Health—elaborated on the importance of this approach, particularly concerning older medical technology. He noted that some of the imaging and medical devices in use may be one to two decades old and often lack the capability for software updates or the installation of traditional security agents. These devices pose unique challenges in terms of cybersecurity.
Coady emphasized, “It’s imperative to manage these devices critically. While it is crucial to keep them functional for essential clinical care, there is an urgent need to protect them and prevent lateral movement within the network, especially if they cannot be patched.” This delicate balancing act of maintaining device functionality while ensuring robust security measures is at the heart of Main Line Health’s microsegmentation strategy.
Weismann detailed that the microsegmentation deployment encompasses a staggering 24,000 different rules governing communications between devices on the network. This meticulous application of rules aims to delineate clear boundaries around device communications, fostering a more secure environment for both legacy and innovative medical technologies. “We wanted to ensure that microsegmentation was implemented correctly to protect our devices through our network tools,” stated Weismann, underscoring the importance of rigorous implementation to achieve desired security outcomes.
During an informative conversation with Information Security Media Group, within the context of the HIMSS 2026 conference held in Las Vegas, Weismann and Coady discussed several pivotal points related to microsegmentation. Among these points was the concept of conducting “pressure tests” on the microsegmentation project, which involves simulating potential cyberattacks to identify vulnerabilities before officially going live with the new system. Such testing is imperative to highlight any weaknesses that may exist and ensuring the system is robust against the evolving tactics employed by cyber adversaries.
Additionally, they explored the dynamic landscape of microsegmentation, particularly in clinical environments where diverse patient care services are offered among multiple facilities. Each of these environments presents distinct challenges that necessitate tailored microsegmentation strategies to ensure comprehensive security while adapting to the specific needs of each facility.
Weismann’s impressive tenure as CISO at Main Line Health spans six years. His previous experience includes serving as CISO for the Massachusetts Executive Office of Health and Human Services, a role in which he contributed to safeguarding health-related services for over three million residents of Massachusetts. This extensive background underlines his dedication to enhancing healthcare cybersecurity.
Coady, with over three decades of global expertisenew in privacy, security, and operational technology, has built a career that includes pivotal roles with three of the four largest consulting firms—KPMG, Deloitte, and PwC. His experience encompasses leading forensics and security investigations as well as collaborating with healthcare leaders to understand the complexities of protecting life-critical systems and medical devices.
In conclusion, Main Line Health’s implementation of identity-based microsegmentation serves as a model for other healthcare organizations striving to enhance their cybersecurity infrastructure. This initiative not only addresses the challenges posed by legacy devices but also establishes a foundation for protecting sensitive patient data and critical medical operations in an increasingly digital healthcare landscape. As healthcare providers continue to evolve with technology, initiatives like this are necessary to safeguard both the organization and the patients they serve.