Healthcare security teams still operate with a 40% blind spot because stitched-together inventories fail to capture the full mix of medical and IoT devices on hospital networks.
Wes Wright, Chief Healthcare Officer at Ordr, shows how device-level intelligence replaces that gap with a complete and trusted view of every asset.
He presents a model where AI uses this clarity to automate defense, enforce Zero Trust, and collapse the security stack into a single execution layer.
Most healthcare security programs are built on a faulty premise: leaders think they have visibility, but their asset inventories are neither complete nor accurate. The data they rely on is usually stitched together from Cisco, Aruba, CrowdStrike, and other tools that collectively capture only about 60% of what sits on a hospital network, leaving a vast blind spot of agent-less medical and IoT devices. Years of organic, unplanned IT growth make that gap even wider, creating an environment where a clinician can plug in an unvetted device and no one knows it’s there. The industry has been operating without a full map of its own infrastructure.
Enter Wes Wright, a leader with the perspective to forge a new path. As the current Chief Healthcare Officer at multi-agent orchestrator Ordr Inc., Wright draws on decades of experience from the front lines. He's lived the problem as CTO for the massive Sutter Health system, as SVP and CIO at Seattle Children's, and during a foundational 20-year career in the US Air Force. He maintains that a radical change in thinking is necessary to move forward.
"If I understand every device on the network down to a thousand data points, including the ones that cannot run agents, then the AI can take action safely and accurately across the entire environment," says Wright. In his view, the old security model of policing the network is obsolete. For years, vendors focused on improving the network itself, but that work is irrelevant if you don’t know what’s actually moving across it.
Cars, not roads: Instead, he contends that the focus must be on building intelligence into the devices themselves. That device-centric view is the essential foundation for creating the kind of good, curated data that AI needs to function. It is also the only way to build the orchestration layer required to turn insight into action. "Let's not make smart roads. Let's make smart cars. Once the device becomes the anchor of truth, you finally create a foundation where AI can automate security decisions with real accuracy."
With a complete and trusted asset inventory as the foundation, security and IT operations can be significantly streamlined. Driving this change is the idea of making foundational data more accessible. Within this model, information once locked behind a clunky UI for experts becomes available through simple, natural language prompts, turning visibility into execution. Such an approach allows organizations to automate a Zero Trust architecture, a model advocated by experts as a needed response to the rise in cyber attacks. Doing so allows them to implement official frameworks like the one defined by NIST, turning theory into reality.
Quarantine on command: This action-oriented prompt shows how deep knowledge enables automated defense. "With real device intelligence, defense becomes directive," Wright says. "Tell me if anything on my network behaves differently than it has before and quarantine it." He adds that the same model applies to architecture. "Segment my network according to zero trust principles." Together, the prompts replace weeks of engineering with minutes of execution.
Weeks to minutes: An example involving Smart TVs highlights the potential ROI. Wright describes running a prompt to find all Smart TVs on a clinical network—a major vulnerability—and move them to their own secure segment. The move demonstrates a fundamental redesign of IT processes, and the time savings are stark. "It took four minutes," he says. "It would've taken me four weeks to get a network engineer to do that."
In Wright’s view, the shift from visibility to execution doesn’t just strengthen security. It collapses the tool stack. Once a platform controls the underlying device intelligence and the actions taken on top of it, many point solutions built around narrow slices of data start to lose their purpose. "Microsegmentation vendors only work because they borrow the data we already understand at a deeper level," he notes. "If the platform knows every device and can act on that knowledge, you don’t need a separate product to do the same job." He applies the same logic to vulnerability management. "If I can identify every vulnerability on the network and automatically isolate or segment the affected devices, that replaces an entire category of tools. When you walk through the stack with that lens, you realize how many products become unnecessary."
But in the end, the most important business outcome isn't about technology, says Wright. It's about people. "At Sutter, I had 650 people in infrastructure. With this level of automation, I could have done the same work with a fraction of that team." It underscores how automation rewrites the structure and scale of IT work. "This isn’t just a new tool. It transforms how a health system operates," he concludes.
