Sandeep Kamble, Founder and CTO, SecureLayer7

Sandeep is a cybersecurity professional with 9+ years of experience bringing together the best security experts to simplify the complicated cybersecurity problem. As the Founder and CTO of SecureLayer7, from the beginning of 2013, Sandeep built its vision, strategy, and direction. As a bootstrapped startup, Sandeep has worked towards building a stable and reliable cybersecurity firm with remarkable growth.


India has proved itself to be the fastest-growing digital economies over the past few years and the recent pandemic has further enhanced this growth. One such prominent sector, which has gain rapid growth in digitisation after the COVID outbreak, is the Indian Healthcare segment. From e-consultations, guided video examinations, email prescriptions, and even e-retail of medicines, digital became a way of medical practice. And just like every other sector, digitisation of Healthcare also involves extensive data collection, storage, and analytics, which is at the core of creating effective innovations in the sector. This is of particular significance in times like COVID, which allows healthcare workers, medical practitioners, and governments to gain insights into disease patterns, outbreak severity, resistance, etc., based on socio-economic and demographic distribution – factors vital in case of innovating vaccines and drafting preventive strategies.

However, with such vast data reserves, digitisation has also made healthcare a more vulnerable sector to cyber-attacks which can play havoc, compromising the discretion of patient records, and can lead to both financial frauds as well as a loss of life. As per industry estimates, stolen records commanded anywhere between US$50 to US$20,000 until only last year and India has seen a 37% increase in cyber-attacks in the first quarter (Q1) of 2020, as compared to the fourth quarter (Q4) of last year.

The Healthcare sector of India is currently rated as the sixth-largest market globally as predicted by Indian Pharmaceutical Congress, and it has also become a prominent target for cybercriminals. According to a report, Banks and Financial institutions – another emerging sector that is adopting digitisation and has been a target of cyber-crimes in India, allocate upto 15-20% of their budget for IT security infrastructure. However, Hospitals allocate not more than 5% of their budget, making them increasingly ill-prepared to cyber-attacks. Apart from the numbers, the key factors leading to the urgent need for cyber-security in healthcare can be highlighted as under:

1. Theft identification: In a country with a population like India, access to significant databases like Personal Identifiable Information (PII) and Personal Health Information (PHI) could help cybercriminals gain information like birth and death records and help facilitate identity thefts, which can lead to dire consequences. From pension and insurance claim benefits to shielding criminals, identity theft could be one of the most dangerous cyber-crimes.

2. Financial Fraud: Vital financial and insurance information is a significant part of the healthcare database. Access to this could lead to organised financial frauds, false insurance claims, and even huge losses to individual patients as well as hospitals, who could potentially be robbed of the money.

3. Risk of Patient Fatalities: With the rise in healthcare technologies that leverage Machine Learning, Artificial Intelligence, Blockchain, and Internet of Things (IoT), innovations like the Internet of Medical Things, medical implants, and support devices used as part of essential patient care, have shaped the digital healthcare market. The increased use of connected medical devices for location-based trackers and remote monitoring, especially during the time of the pandemic, has exposed a large amount of data and a number of individual patient lives to cyber-attacks, making them vulnerable to external control or even risk their wellbeing and life, in case of erroneous device usage or complete malfunction brought about by cyber-attacks.

4. Hostage situation for Hospitals and Institutions: There have been instances of ransomware and malware attacks, where hospitals and medical institutes are held hostage, and important files and software are made unavailable to use until their ransom is paid off. This partial or complete control of hospital operations jeopardises the critical medical care and treatment of 100’s or 1000’s of patients, especially during trying times like a pandemic.

5. Intellectual Property: Lastly, the vast medical data can be stolen and traded off to multinational pharmaceutical companies who are competing for the development of cutting edge vaccines or even new innovations in medicine and immunology, thereby posing a grave threat to the Intellectual property of Indian research organisations as well as doctors.

While the Indian government has initiated the Healthcare Data Protection Law under the Ministry of Health and Family Welfare, the Digital Information Security in Healthcare Act (DISHA) is still under progress and may take a while before all relevant security measures can be implemented as a law. In the interim, hospitals and healthcare institutions, Paramedical services, and pharma and medical research organisations need to wake up to the urgent need of data protection and cybersecurity, if they wish to continue leveraging the best in technological advances, without financial and fatal risks.

If India is to retain its image as a country with robust medical and healthcare infrastructure and continue being a preferred choice for medical tourism, healthcare institutes need to position cybersecurity as an enabler of digital transformation, increasing investment in building up a security foundation.

More about Sandeep Kamble

Sandeep is focused on leading, directing, and executing client-facing engagements that include SecureLayer7’s cybersecurity service offerings. Since SecureLayer7’s founding, Sandeep has created strategies that prioritise and focus on customers and employees. This has become the company’s key strategy, which has led to customer satisfaction reviews reflected in the NPS (Net Promoter Score) of 89%. Under Sandeep’s leadership, SecureLayer7 has successfully increased the delivering value to the customer, which resulted in the 180% growth in the business from the last four years. The company has earned some major accreditations such as CERT-In, ISO 27001.

In 2019, Sandeep founded and introduced two products to the cybersecurity industry. The first one, BugDazz, a Pentest as a service and the second one, AuthSafe, for fighting with online frauds. Before founding SecureLayer7, Sandeep worked as an independent Bug-Bounty Hunter. He reported multiple vulnerabilities to Google, Facebook, Dropbox, Twitter, Paypal, and many others.

Sandeep has completed a disruptive strategy course from Harvard Business School and holds an Engineering Degree in Information Technology from JNEC at Aurangabad, MH, India.

Content Disclaimer

Related Articles