
AI Endpoint Shields India's Premier Sir Ganga Ram Hospital

The Hospital Leverages AI-Based Security Tools to Protect Critical Infrastructure
Arun Goyal, CIO, Sir Ganga Ram Hospital

Healthcare institutions, which usually have legacy infrastructure, limited budgets and small IT support teams, are soft targets for cyberattackers. They often lose the battle against attackers who use advanced tools to launch sophisticated attacks. Acknowledging this, Delhi's Sir Ganga Ram Hospital, one of the oldest hospitals in the region, opted for a modern approach. It embraced AI-based security tools to keep its critical infrastructure safe.


According to a study by SentinelOne, in the first quarter of 2023, the healthcare sector experienced nearly 1,700 attacks per week - a 22% increase over 2022, when it was the victim of a record 1.9 million attacks in total. In November 2022, India's premier healthcare institute All India Institute of Medical Sciences, AIIMS, reported a massive cyberattack on its servers, which affected patient care services such as appointments, registrations, admissions, discharges, billing and report generation.

For Sir Ganga Ram Hospital, the biggest challenge to ensuring cybersecurity was endpoint security. The hospital has more than 5,000 employees who work in shifts and share endpoints.

Arun Goyal, CIO, Sir Ganga Ram Hospital, said that when he assessed the hospital infrastructure in 2021, he found that legacy systems were used and the endpoints did not have adequate protection. There was a lack of awareness among employees regarding cyber hygiene, resulting in the inadvertent opening of malicious email attachments or clicking on malicious links. Consequently, endpoints would become infected and unresponsive; files would get corrupted. Administrative and operational functions in the hospital were severely impacted.

"[In the post-COVID era] people are working from home and working remotely, so you have to have endpoint security, where in the absence of the Internet or your access to the endpoint, you have something sitting there to stave off threats," Goyal said.

Diwa Dayal, managing director, India and SAARC, SentinelOne, said protecting legacy infrastructure from cyberattacks is a key challenge that CIOs grapple with today.

"The adversaries are not using outdated tools, so it is important for the CIO to keep up by using the latest in cybersecurity tools and platforms," Dayal said.

Goyal said that 80% - 90% of the attacks on his hospital were happening from "inside-out," so they had to ensure protection at the endpoint, gateway and DNS levels.

To counter these challenges, the hospital began scouting for endpoint gateways as it needed gateway-level security. But the solution had to fulfill certain criteria - and there was a wish list of features.

Selection Criteria

First and foremost, the solution had to be AI-enabled because the hospital had to be one step ahead of potential attackers - who may use AI for sophisticated attacks. The hospital also has a diverse staff - clinicians, nurses, administration and IT - who share the endpoints; many are not IT savvy. Hence an AI-based solution was required to monitor different user behaviors.

"In the changing cybersecurity environment and with the evolution of ChatGPT, we knew we needed to be much stronger in our endpoint security and leverage the same AI capabilities adversaries are using to execute attacks to keep our infrastructure and data safe," Goyal said.

Various EDR and XDR solutions were evaluated but the ones with AI capabilities were shortlisted. Goyal and his team were looking for an AI-enabled endpoint that could monitor user behavior. Three endpoint gateway solutions were identified but they finally opted for SentinelOne's SingularityXDR.

The Solution

SingularityXDR is an intelligence-driven platform that extends protection beyond the endpoint, providing visibility, AI-powered protection and response capabilities that security teams can use to defend the entire technology stack.

"One thing that attracted us toward SentinelOne was the AI sitting within it. I saw that the agent on the endpoint devices [laptops and desktops] is very small in comparison to other [competing] solutions. It also has good malware detection capabilities and works even in the absence of internet connectivity," Goyal said.

The other reason for choosing this solution, he said, is that it automatically updates itself over the cloud. Goyal is confident that having the latest technology will protect the hospital's IT infrastructure from sophisticated attacks.

Implementation and Road Map

The hospital encountered a challenge during the implementation phase. They ran into a roadblock as they were using an old version of an operating system. This problem was resolved by their internal IT team and their implementation partner.

Goyal acknowledges that there has been a "drastic reduction" in the number of cyberattacks after deploying this solution.

He is now planning to outsource his security management functions to a security operations center. Goyal also plans to engage a third party to create a security awareness program for the hospital's employees. The aim is to have "more disciplined behavior." The third party will also undertake penetration testing and conduct phishing simulations to improve awareness.

"Everybody's taking care of endpoint and gateway-level security and data at rest. But one should be taking care of the data in transition as well. Because that is the one piece which is very vulnerable. And with SentinelOne, we can do this," Goyal said.


About the Author

Brian Pereira


Sr. Director - Editorial, ISMG

Pereira has nearly three decades of journalism experience. He is the former editor of CHIP, InformationWeek and CISO MAG. He has also written for The Times of India and The Indian Express.



