Main Line Health readies networks for 'at home' hospitals

“The thing about the cloud, if you have cloud-optimized workflows and appropriate security, is that it’s a better position to be in generally,” he says. For example, if ransomware shuts down local servers, healthcare professionals can still access patient records and other critical systems.

The only major on-prem systems still left are imaging systems that have very robust storage requirements. “We’re able to provide storage at scale more cheaply on prem,” he says. “It’s one of the few non-cloud-optimized workflows.”

Of course, there are still security measures in place to protect local networks, Weismann says, but the main focus now is on what’s outside. “At any given time, we have a few thousand endpoints in the greater Philadelphia building that are not within our building,” he says.

As part of its cybersecurity transformation, Main Line Health had to bring in a whole new set of cybersecurity vendors. Netscope’s SASE platform now provides zero-trust access for remote staff, plus on-prem protection as well, says Weismann. Endpoint detection and response is now all in the cloud, via CrowdStrike. And device management is now handled by Armis Centrix, he says, which also runs completely in the cloud.

The only major vendor left in place that was there before COVID is Splunk (now owned by Cisco). “But we weren’t using it to its fullest abilities,” Weismann says. “We needed to double down and invest heavily in the skillset, which we did, and it’s been fantastic.”

Cybersecurity as an enabler

Too often, cybersecurity has been seen as a cost center and an obstacle to productivity and innovation. But that’s not how Weismann sees cybersecurity. “We’ve done a ton of work over the past few years to become enablers,” he says.