Minimizing healthcare cyberattacks with network segmentation
As the threat landscape in healthcare continues to evolve, network segmentation has emerged as a crucial tool for mitigating risk and enhancing security. In recent years, hacking has remained the leading cause of healthcare data breaches, with nearly 30 million individuals impacted by large breaches reported to HHS in the first half of 2025 alone.
The importance of network segmentation was underscored by the HHS, which proposed updates to the HIPAA Security Rule, suggesting that covered entities be required to implement it as part of their security programs. Even if these updates do not pass as written, network segmentation remains a valuable security best practice for healthcare organizations seeking to reduce risk.
What is Network Segmentation?
Network segmentation is an architectural approach that separates a computer network into smaller sections to improve security and overall performance. By dividing the network into subnets, each working as an independent network, organizations can keep their data, systems, and applications separated in different security zones.
This allows administrators to set up distinct policies for each subnet and manage the flow of traffic to each, making it easier to manage large, complex networks. As Steve Cagle, CEO of cybersecurity company Clearwater, noted: "If you can start implementing network segmentation, you can start using either logical or physical means of separating business units, different IT departments, and really maintaining separation between both OT and IT."
Benefits of Network Segmentation
From a cybersecurity perspective, separating a large network into smaller sections has clear benefits. If cyberthreat actors target one segment, the attack can be contained, reducing the attack surface and minimizing the impact of a breach.
"One benefit is that you're reducing the attack surface because the threat actors cannot move laterally the same way they could if you had a flat network," Cagle stated. "If a breach does occur, you're containing it to a single segment. So, the impact of that potentially could be much, much less."
Network segmentation also allows administrators to adopt risk-based security controls for any given segment, with more stringent protocols applied to segments containing sensitive patient data.
Microsegmentation and Compliance
Network segmentation can play a key role in mitigating risks associated with ransomware attacks, which are increasingly targeting healthcare organizations. By separating networks into smaller sections, administrators can stop harmful traffic from reaching devices that are unable to protect themselves from attack.
"Segmentation can stop harmful Internet traffic from ever reaching them," Cisco suggested in a blog post. "For example, a hospital's connected infusion pumps may not be designed with advanced security defenses. Network segmentation can stop harmful Internet traffic from ever reaching them."
Implementation Challenges
"When you're implementing any type of security control, first and foremost, we want to understand the business use case and understand the purpose of the tools that we're using," Cagle noted. "We want to look at the data, the users, and the potential inconvenience that we're going to have."
Network segmentation is not easy to implement, especially for healthcare organizations with many legacy systems or complex environments. Assessing and prioritizing security needs on an individual basis is essential, as is considering the value of this undertaking against alternatives.
Closing Thoughts
"Doing a risk analysis is really important," Cagle emphasized. "And it's important to make sure that we're really thinking about this in the context of all the needs of the organization in terms of its security and compliance program."
As the threat landscape in healthcare continues to evolve, network segmentation has emerged as a crucial tool for mitigating risk and enhancing security. By understanding the benefits and challenges of network segmentation, healthcare organizations can take steps to protect themselves against cyber threats and maintain patient trust.