Cyber Resilience Over Firefighting: Empowering Healthcare to Outpace Cybercrime with Microsegmentation

In this interview with Dr. Guru Gurushankar, SVP & GM of Healthcare and Life Sciences at ColorTokens, we explore why cyber resilience, not just cybersecurity, is now the critical frontier for protecting patient data and operational continuity.

Cybersecurity in healthcare is no longer just a technical challenge. It is a matter of life and death. In June 2024, a ransomware attack by the Qilin group on the UK's National Health Service led to massive disruption of diagnostic services. 

Tragically, one patient's death at King’s College Hospital was directly linked to the cyberattack, after delays in critical lab testing caused by the breach. 

In an era where cyberattacks on healthcare institutions are no longer a matter of if, but when, traditional cybersecurity approaches have proven dangerously inadequate. The industry is grappling with a unique set of challenges, including tight budgets, complex environments, legacy systems, and an unrelenting threat landscape. 

With more than 28 years of experience spanning global healthcare giants like GE, Johnson & Johnson, Philips, and AWS, Dr. Gurushankar brings a sobering yet actionable perspective to the conversation. 

He outlines how breach readiness must become the new default posture and how ColorTokens’ flagship solution Xshield™ uses pervasive microsegmentation to isolate threats, stop lateral movement, and build defense by design. 

Dr. Gurushankar discussed cybersecurity threats plaguing healthcare and offered long-term solutions rooted in adaptability, visibility, and real-time containment. The goal? To ensure cyberattacks never compromise patient care again.

Vishwa: You have over 28 years of experience in the healthcare industry. Please share what inspires you to stay connected to this industry and your journey to ColorTokens.

Dr. Gurushankar: My inspiration to stay connected to the healthcare industry comes from a deep-seated passion for improving patient care and outcomes. Over the years, I've had the privilege of working with global healthcare organizations such as Philips, AWS Healthcare, Cardinal Health, Johnson & Johnson, and GE Healthcare.

Healthcare cybersecurity has always been tough. Add tight budgets, constant staffing challenges, and the nonstop chaos of daily operations, and it feels downright impossible. I’ve seen how healthcare’s mission of providing uninterrupted patient care also makes it a prime target for cyber adversaries.

For a long time, we believed that having firewalls, EDR, threat detection tools, and dedicated teams would make us secure. On paper, everything seemed solid. Yet, breaches continued to happen - not because we lacked the right tools, but because threats kept evolving, and every breach carried life-or-death stakes. Take, for instance, over 400 hospitals were breached last year, costing millions in ransomware, taking a hard hit on reputation, and shutting down operations.

It hit me: traditional cybersecurity alone isn't enough. We're in asymmetric warfare - attackers only have to succeed once; defenders have to be perfect every time. It's unsustainable. What we truly need is cyber resilience, i.e., we have to be breach ready.

Breach readiness shifts the focus from merely preventing breaches to assuming compromise will happen and planning proactively to contain it. Instead of relying solely on perimeter defenses, we augment by isolating the threats and preventing their lateral movement. You can’t patch your way out of this—you have to fundamentally break the attacker’s path.

That realization drew me to ColorTokens. When I first encountered their pervasive microsegmentation approach, my initial thought was, “This sounds too good to be true.” But after seeing ColorTokens in action, deployed seamlessly in complex healthcare environments, I was convinced. They demonstrated how true cyber resilience could be achievable - not through chasing endless alerts, but by designing security that stops threats from spreading, period.

That’s why my journey led me here - to help healthcare move from cybersecurity to genuine cyber resilience, where protecting patient care isn’t just a hope, it’s a certainty by design.

Vishwa: Can you name and outline the features of some of the cybersecurity solutions offered by ColorTokens?

Dr. Gurushankar: Our flagship solution Xshield™ provides comprehensive protection for enterprise assets. It offers granular visibility into network traffic, enforces zero-trust policies, and creates micro-perimeters to prevent the lateral spread of threats through advanced microsegmentation technology. Xshield also recommends security policies based on traffic patterns, integrates with existing security infrastructure, and supports diverse environments like data centers and cloud platforms.

But what really sets ColorTokens apart is how our Breach Ready microsegmentation platform works everywhere - not just in your cloud environments but also across your data centers, legacy systems, operational technology, IoMT devices, and even clinical applications. 

It's a single, pervasive security blanket that covers everything, helping you effortlessly meet stringent compliance standards like HIPAA, PCI-DSS, and federal segmentation guidelines.

You deploy it quickly, see ROI immediately, and gain crystal-clear visibility into your entire healthcare ecosystem - from billing systems to critical care units - in minutes, all through one simple, intuitive dashboard.

Vishwa: What are your observations about the workings of healthcare organizations, with reference to how they understand cyber hygiene, cybercrimes, and the detection and prevention of threats?

Dr. Gurushankar: Healthcare organizations are increasingly aware of the importance of cyber hygiene. However, there is still a significant gap in their understanding and implementation of effective threat detection and prevention measures. 

Tools like firewalls, EDR, and perimeter defenses are necessary, but they mainly focus on keeping attackers out. But what happens when attackers inevitably breach these initial defenses? The key is to stop intruders from moving freely within your network. ie, preventing lateral movement.

That’s the critical shift we need: moving from simply "preventing breaches" to “containing breaches” and achieving “breach-ready” status that delivers digital operational resilience to your organization. Healthcare organizations need to assume that compromise will happen and focus on containment strategies. Stop just patching vulnerabilities or chasing alerts—start isolating networks and breaking the attacker’s path. Regular risk assessments, continuous staff training, and adopting advanced solutions like microsegmentation are essential.

Only when healthcare organizations fully embrace this proactive approach will they achieve genuine cyber resilience and effectively protect patient care.

Vishwa: Please share your thoughts about AI in Healthcare. How can healthcare professionals adapt to AI technology, and what are the major barriers to the same?

Dr. Gurushankar: AI has the potential to revolutionize healthcare by improving diagnostic accuracy, personalizing treatment plans, and enhancing operational efficiency. Healthcare professionals can adapt to AI technology by undergoing training and embracing a culture of innovation. 

Major barriers include resistance to change, lack of technical expertise, and concerns about data privacy and security. Overcoming these barriers requires a concerted effort to educate and support healthcare professionals in their journey towards AI adoption.

Vishwa: Can you name specific AI innovations or technologies that can automate data security and prevent threats, thereby reducing the onus on medical professionals to some extent?

Dr. Gurushankar: AI-driven technologies can significantly enhance data security and reduce the burden on medical professionals. For instance, AI-driven threat detection systems can identify and respond to cyber threats in real-time, ensuring continuous protection without requiring constant manual oversight. 

Machine learning algorithms can analyze vast amounts of data to detect anomalies and predict potential security breaches, providing proactive defense mechanisms. Automated compliance tools can help healthcare organizations adhere to regulatory requirements, thereby enhancing data security and reducing the administrative load on medical staff. 

These innovations allow medical professionals to focus more on patient care while ensuring that their digital infrastructure remains secure.

Vishwa: How can healthcare organizations prioritize cyber resilience based on urgency? What steps or preparedness would they need to implement a strategy?

Dr. Gurushankar: To prioritize cyber resilience, healthcare organizations should start with comprehensive risk assessments to identify vulnerabilities and potential threats.  They should ask the question - “how can i continue to operate, even if there was a breach?” Preventing lateral movement via microsegmentation and implementing real-time threat detection is crucial. 

Equally important is training staff on cybersecurity best practices and developing incident response plans. Regular drills and simulations ensure that staff are well-prepared for cyber incidents. Collaboration with cybersecurity experts and industry partners can enhance defenses, while continuous monitoring and auditing help maintain effective security measures. If this is done with the mindset of breach-readiness, rather than just breach-prevention will elevate our game.

Additionally, adopting a layered security approach, where multiple security measures are implemented at different levels of the IT infrastructure, can provide redundancy and ensure comprehensive protection. By taking these steps, healthcare organizations can protect their critical assets and maintain strong cybersecurity postures, ensuring they are prepared to respond and recover effectively when incidents occur.

Vishwa: What is your perspective about “Breach Readiness” for healthcare professionals?

Dr. Gurushankar: Breach readiness is not just about preventing breaches but about ensuring operational resilience and continuity. Because attackers only need to succeed once, but defenders must get it right every single time. The consequences of a breach can be devastating. Patient data, trust, and the integrity of healthcare operations are at stake.

True breach readiness means assuming compromise and designing for containment. Traditional defenses alone aren't enough and need to be augmented. You must proactively disrupt the pathways attackers use to move laterally within your network.

At ColorTokens, our advanced microsegmentation technology, Xshield, enhances breach readiness by isolating network segments for granular traffic monitoring and control. This approach significantly minimizes the attack surface and prevents unauthorized lateral movement. Xshield's software-based segmentation ensures rapid deployment and immediate ROI.

By providing deep visibility into network traffic, this proactive strategy enables healthcare organizations to effectively contain threats before they spread. As a result, healthcare providers are better prepared to respond and recover swiftly from cyber incidents, safeguarding patient trust and maintaining operational integrity.