Dipping out of the Mosh security pit
When Jason Elrod, CISO from the Cartorary Health System, describes outdated IT health care, he does not expose the words: “Health loves to go back to the future. And here’s how we got here because there are many things we could prepare for this because we were so focused on where we were.”
This chaotic approach characterized her healthcare for decades. In a sector where life depends on the technologies operating flawlessly 24/7/365, security groups traditionally function as goalkeepers – “Department NO” – focused on protection through innovation and medical care.
But since health care continues its digital journey through transformation, this approach is no longer stable. With 14 hospitals, hundreds of urgent assistance clinics and nearly 30,000 employees serving millions of patients, Multicare needed another path – one that did not donate innovation for security. This shift began with a change in thinking above, which was due to many years of navigation experience on this accurate tension.
Jason Elrod’s view: Healthcare Mystery
After 15+ years, as CISO in the healthcare field, Elrod has a unique perspective in security for healthcare organizations. According to him, specific operational realities of health care create security dilemma unlike any other industry:
- Always on surgery: “When can you take it off? When can you stop everything and update?” Asks Elrod. Unlike other branches, Healthcare works 24.7.365 with a small downtime.
- Requirements for Access to Life or Death: “We must make sure that all they needed is available if they need it with a minimum amount of friction. Because this is me, this is you our communities, it’s our loved ones, it’s life or death.”
- Expands the surface of the attack: With the transition to telemedicine, remote work and connected medical devices, the landscape threatens has expanded dramatically. “It’s like a spaghetti bowl where each strand should be able to talk to one end or another, but just with the threads he needs.”
- Uneven incentives: “Historically, it has been focused on the availability and speed and access, widespread access … And security says,” This is a fantastic Lego car that you built. Before you go outside and play with it, I’m going to glued more on the top called security, privacy and execution. “
This is a recipe for burning, guilt and breakdowns. But what if safety can provide help instead of interfere with her?
See how Multicare has turned this opportunity into practice in the Microse SEMENTION Platform platform with Jason Elrod, Ciso, Multicare Health System.
https://www.youtube.com/watch?v=zsjly4fpozm
Identity: The key to modern healthcare
Breakthrough for Multicare occurred with identity implementation trace Through the elite.
“The largest surface of the attack is the personality of every person,” Elrod notes. “Why are the attacks always on identity? Because in the health care field, we must make sure that all information is available if they need it, with a minimum amount of friction.”
Traditional approaches to the network segmentation relied on complex VLAN, firewalls and endpoints. The result? “Byzantine spaghetti porridge”, which became more difficult to manage and update.
Elisity approach changed this paradigm, focusing on identity rather than a network place: in a network place:
- Dynamic security policies that monitor users, loads and devices wherever they are on the network
- Granular access control that creates perimeters of security around individual assets
- Political measures that use existing infrastructure for the implementation of traders without requiring new equipment, agents or sophisticated network reconigules
From skepticism to transformation
When Elrod first introduced “electivity” with his team, they answered healthy skepticism. “They look like:” Did you hit your head? Are you sure read what they said? I thought you stopped drinking, ”Elrod recalls.
The technical teams were questionable that such a solution of traders could work with its existing infrastructure. “They said,” It’s not like you can do, “Elrod shares.
But seeing believing. “If you see people who are deeply technical, people who just know their crafts, and they see something and go” oh “… It has shot the pillars of their opinions about what can be done,” Elrod explains.
The decision of the elite delivered to his promise:
- Fast implementation without devastating network changes
- Automated or hand adjustments to real -time policies that were previously required weeks for implementation
- Complex visibility in previously set conditions
- Improved Security Post without Damage for Available
… Everything, without causing compromise between protection and performance.
But what surprised Elrod was not only what the technology did, but also how it changed the people who use it. (Je2)
By breaking the walls between the teams
Perhaps the most unexpected benefit was how the decision transformed the relationship between the teams.
“There was a friction item. Put this control and restriction on the network. Who is the first person who called? They would call it.” I can’t do it. “And I say,” Well, you can’t open everything because everyone can’t have everything.
The identity -based traders have changed this dynamics:
“It changed from” How do I do? “And” How do you handle me? “
With the help of felisity, security and IT -commander are now sharing incentives rather than competing priorities. “The same thing that allows me to make the connection between this area and here without friction, it is also the same as providing rationalized safety around it. The same instrument, the same dashboard, the same team,” Elrod notes.
Inclusion of culture so
For healthcare professionals, the influence is deep. “If they do not have to worry about access, you do not need to worry about control, they can take a cognitive load on thinking and worry about the factors of it, safety, privacy, technology underlying the table they work on,” says Elrod.
This shift allows fundamental changes in how security interacts with clinical staff:
- Shipping speed: “We can do this with the speed of the need, unlike the speed of bureaucracy, technology speed, heritage speed,” Elrod explains.
- Granulated control: “How do you want your own segment on the net wherever you wander? I can rely on your identity, wherever you are,” shares Elrod.
- Improved trust: “The opportunity to instill this confidence that” hey is safe, it’s stable, it’s scalable, it’s functional, we can support it. And we can move at the pace you want to move. “
Bunker breaking: Business Imperial for Security Integration-
The traditional department between security groups and IT operations is quickly outdated as organizations recognize strategic benefits of integration. Recent studies show convincing benefits for businesses for businesses that successfully overcome this gap, especially for industrial, industrial and medical sectors.
According to Skybox Security (2025), 76% of organizations believe that incorrect communication between networking and security groups adversely affected their security. This shutdown creates material risks of safety and operative ineffectiveness. Conversely, organizations that have a single security and IT operations reported 30% less significant security incidents compared to those who have a Sewed Teams.
For health care organizations, the rates are even higher. Among the healthcare institutions undergoing ransom attacks, those who have security, and IT operations, reported increased patients’ mortality rate in 2024, compared to 23% in 2023 (Ponemon Institute & Proupof, 2024). This great reality emphasizes that cybersecurity integration is not only prompt consideration – the need for patients’ security.
Financial business for integration is equally convincing. A general research on the Forreter’s economic impact on Servicenow’s security decision demonstrated 238% profitability and $ 6.2 million in modern preferences, with a 6-month payback period of security and IT operations (Forrester/Servicenow, 2024).
Organizations that think forward take complex integration models such as cyber merger centers. The Gartner study confirms that they are significant progress on traditional security operations, predicting that by 2028, 20% of large enterprises move into a fusion team of cyber frauds to combat internal and external opponents, which is compared to less than 5% in 2023.
For business leaders, the message is clear: the destruction of operational bins between security and IT commonds are not just good practice – it is important for comprehensive protection, efficiency and competitive advantage in today’s threats landscape. Few people realize that it is better than Elrod, which has spent decades, trying to overcome this gap, both technologically and culturally.
Bridge to modern healthcare
For Elrod, identity-based traders are not just a technological solution is the bridge between wherever it was health and where to go.
“Technology has not bought in the past because it was bad … They were great. Good intention.
Electivity helps the multiple “Build this bridge from where we were where we needed to go … It’s a staircase from the pit. It’s great. Let’s stop throwing there.
Looking forward
Although no solution can solve all health problems, identity traders-based “one of the brick brick road to make the safety and healthcare technology” Yes “, Elrod reports.
As health care organizations continue to balance safety requirements with the need to assist without friction, the solutions that meet these competing priorities are becoming more important.
Identifying the identity-based trading, Multicare has transformed the security of the barrier to Enabler modern health-supporting what you can create a culture where the default and safety and preservation can be created.
Ready to avoid your own security “Mosh Pit” and build a bridge to modern health? Download Microse SEMENGATION 2025 buyer guide. This resource produces healthcare leaders with evaluation criteria, implementation strategies and ROI framework, which helped organizations, like Multicare, are transformed from “NO” into “culture”. Start your way to person -based security today. To learn more about Elisity and how we help convert healthcare organizations such as Multicare, Visit our web -sight here.