Hello, HealthTech community. Welcome to the first HealthTech Top Voice interview series with Dr. Guru Gurushankar, Senior Vice President and General Manager at ColorTokens.
The latest HealthTech Top Voice Interview features an enlightening discussion with Dr. Guru Gurushankar, a prominent figure in the health technology sector and Senior Vice President and General Manager for the HealthCare and Life Sciences (HCLS) verticle at ColorTokens. In this compelling conversation with the Head of Marketing of Intent Amplify Sudipto Ghosh, Dr. Gurushankar shared his extensive experience from imaging systems to connected personal care devices and digital health solutions.
Dr. Gurushankar also discussed the various aspects of healthcare technology and the role of CISO in Health Technology. He also shares his visions and ideas, emphasizing the urgent need for integrating technology into healthcare systems to improve patient outcomes and streamline operations.
Join Dr. Gurushankar as he delves into how DigitalCare and Life Sciences are leading the transformation in health technology.
Hi Dr. Gurushankar, welcome to the HealthTechnology Top Voice Interview Series. Please tell us about your journey in the health tech industry and how you arrived at ColorTokens.
My journey in the health tech industry has been extensive and multifaceted. I’ve contributed to various innovations, spanning product development, business strategies, and technological advancements. My experience encompasses various technologies, from imaging systems to connected personal care devices and digital health solutions. Joining ColorTokens is a natural progression in my career, as it allows me to continue bringing cutting-edge technology to providers and patients.
Currently, the industry faces two critical challenges: innovation and protection. While developing new solutions for providers and patients is essential, it’s equally important to safeguard the technologies our doctors, nurses, administrators, and patients rely on. We maximize our impact by creating new advancements and protecting established ones. Protecting technologies ensures that all innovations continue to benefit physicians, nurses, and patients, driving meaningful progress in health tech.
Recommended: Grindeks Expands to New Global Export Markets
Why should IT security be a part of the modern healthcare technology stack? Please give us a few examples to illustrate your point of view.
IT security is an essential component of the modern healthcare technology stack due to the increasing reliance on technology in clinical and business operations. Advanced technologies, such as AI-driven scheduling and clinical diagnosis, require vast amounts of personalized health information (PHI) to function effectively. This data is critical for developing accurate and efficient models for clinical purposes or operational enhancements.
Given the integral role of PHI in these smart solutions, robust IT security measures are necessary to protect this sensitive information. For example, AI-driven clinical diagnosis systems rely on large datasets of patient information to improve diagnostic accuracy. Similarly, AI-driven scheduling systems optimize appointment times and resource allocation using patient data. Without strong IT security like network micro-segmentation to prevent lateral breaches, the risk of data breaches and cyber incidents increases, potentially compromising patient privacy and the integrity of healthcare operations.
In the future, I can foresee IT security teams evolving into resiliency teams tasked with ensuring hospital systems can maintain their operations seamlessly, regardless of cyber threats. This shift underscores the importance of integrating IT security into the healthcare technology stack to safeguard current and future innovations.
Who owns the cyber security outcomes in a healthcare organization: CIO or CISO? Why do you think so?
Cybersecurity outcomes in a healthcare organization are a collective responsibility. The traditional boundaries between the CIO, CISO, and other groups are becoming increasingly blurred, and the siloed approach to cybersecurity is becoming outdated. Hackers do not differentiate between the roles of CIO and CISO when targeting an organization. Our systems, including clinical decision-making and diagnostic tools, are indifferent to these titles. Cybersecurity must be viewed as a shared responsibility across the entire organization.
In the future, we can expect the roles of IT and security teams to evolve towards building operational (cyber) resiliency. This means ensuring that healthcare operations can continue seamlessly, even in the face of cyber-attacks. Currently, the CIO is often seen as responsible for maintaining operations, while the CISO is tasked with security. However, this division is artificial and unsustainable.
Security should not be the responsibility of a single individual or team; it is a collective effort.
Ultimately, the focus should be on creating resilient systems that operate effectively despite cyber threats. This shift in perspective will help ensure that cybersecurity is integrated into every aspect of healthcare operations, making it a fundamental part of the organization’s overall business strategy.
Recommended: Oneview Healthcare Reveals New Brand Identity for Care
Our most popular question: “What is the role of CISOs in the healthcare industry?”
Could you elaborate on the evolving role of cybersecurity teams for healthcare organizations?
Essentially, the CISO acts as the business continuity officer, ensuring that clinical and business operations remain uninterrupted. In clinical operations, technology is increasingly used to augment the capabilities of healthcare professionals, such as radiologists, by enhancing diagnostic accuracy. Similarly, technology supports scheduling, billing, voice translation, and note-taking functions in business operations. As these areas grow, the CISO’s role becomes crucial in safeguarding these technologies and ensuring their seamless operation.
The CISO must ensure that clinical and business operations are resilient against cyber threats. This involves not only protecting sensitive patient data but also maintaining the functionality of critical systems. By doing so, the CISO becomes an integral business partner, contributing to the day-to-day operations of the healthcare organization and ensuring that technology-driven processes are secure and reliable.
AI has made a significant impact on healthcare and life sciences research. Could you tell us how AI companies could further refine healthcare outcomes in the US?
AI has fundamentally transformed healthcare and life sciences research by addressing complex, multi-parameter problems that are challenging for the human mind to process. AI’s ability to analyze vast amounts of data quickly and accurately is at the core of these advancements, enabling faster and more precise solutions to healthcare challenges.
For example, discovering new molecules in the pharmaceutical industry has shifted from a labor-intensive lab exercise to an AI-driven, data-centric approach. AI and molecular modeling technologies have significantly streamlined the identification of promising compounds (the proverbial hunting for the needle in the haystack), accelerating the drug discovery timeline. This transformation allows life science companies to narrow down potential molecules more efficiently, bringing innovative treatments to market faster.
Moreover, AI optimizes scheduling, billing, and resource allocation in healthcare business operations. AI in cybersecurity (e.g., Rapid policy development and deployment in micro-segmentation) ensures the protection of sensitive patient data and the integrity of healthcare systems. Together, these AI applications ensure that the healthcare value chain, from innovation to patient care, is the smartest, fastest, and safest.
Recommended: TruBridge Named Preferred Partner for RCM by Cibolo Health
Healthcare companies are lagging in cyber defense frameworks and strategy development. What are the key things you have identified resulting in this lag?
The key factors contributing to this lag are:
The healthcare industry lags in cybersecurity investments for several reasons despite being a prime target for cyber threats.
Some key factors include:
1. Regulatory Complexity & Compliance-Driven Mindset
Many healthcare organizations focus on compliance (e.g., HIPAA, GDPR) rather than proactive cybersecurity investment. Regulatory changes can also delay decision-making and slow down the adoption of new security technologies.
2. Budget Constraints & Competing Priorities
Healthcare organizations operate on tight budgets, and cybersecurity often competes with patient care investments (e.g., new medical equipment, research, staffing).
Many executives prioritize direct patient care over IT security, perceiving cybersecurity as an operational cost rather than a critical risk management function.
3. Legacy Systems & OT Complexity
Many healthcare providers rely on legacy IT and OT systems (e.g., outdated medical devices, hospital networks) that were not designed with security in mind, and equally importantly, the intermixing of the OT and IT environments in hospitals.
Replacing legacy infrastructure is costly and disruptive, making security upgrades difficult. Many medical devices have long lifecycles (10+ years) and lack patching capabilities, exposing them to vulnerabilities.
4. Underestimation of Cyber Threats
Many healthcare organizations underestimate the likelihood and impact of cyberattacks. Some still believe they are not prime targets, despite ransomware attacks crippling hospitals and delaying patient care. Cybersecurity is often viewed as an IT problem rather than a patient safety issue, even though cyberattacks can disrupt critical medical services. Many healthcare organizations still rely on perimeter-based security models, leaving them vulnerable to lateral movement attacks.
If your role was a novel/ TV/ movie character, which one would you pick and why?
As a Star Wars fan from the outset, I have to pick Obe-wan Kenobi as my favorite character.
Interestingly, it also translates to our roles today – since we see ourselves as the Jedi Knight, providing cybersecurity tools and training to Luke (CISOs/CIOs) in aid of the republic (enterprises, CFOs/CEOs). The Lightsaber at our disposal is the s/w-defined network micro-segmentation to fight the Dark Side (hackers).
What are your predictions for the cyber tech AppSec and AIOps markets in 2025?
The cyber tech AppSec market will grow more than any research reports currently indicate (250B in ‘25).
The drivers for the growth are the rise of zero trust security and breach-ready architectures in response to increased hacks, AI and ML in cyber defense, the rise of cybersecurity driven by increasing cloud adoption, and all the regulatory compliance driven by these factors. The last 2 years have shown that no one sector of the economy is immune from these cyber-attacks.
The AIOps market will also grow at a higher growth rate (mid-20s) but grow from a lower base.
Tag a leader in the cybersecurity industry or an influencer you would like to invite to a CyberTech Top Voice interview roundtable discussion:
My first choice is always to listen to the customer, their pain points, and how we could help them succeed.
Here, it would be beneficial to have someone in the cyber insurance industry speak at a CyberTech Top Voice roundtable discussion to get a different perspective on this problem. It will be interesting to hear their take on how the technologies we are developing are helping them visualize, quantify, and effectively manage the risks they undertake as underwriters.
Thank you so much, Dr. Gurushankar, for your time and consideration. We look forward to speaking to you again at HealthTech Insights.
Recommended: Syra Health Wins More Healthcare Training Contracts
To participate in our interviews, please write to our HealthTech Media Room at news@intentamplify.com
About Dr. Guru Gurushankar
Proven healthcare leader with global experience driving growth and innovation through strategy, M&A, marketing, and product development, including cloud-based technologies. Skilled in balancing short-term execution with long-term planning, delivering results across the US, EMEA, and Emerging Markets.
About ColorTokens
ColorTokens, the premier enterprise microsegmentation provider, specializes in making organizations “breach ready” by halting the lateral spread of ransomware and malware within complex network infrastructures using its innovative ColorTokens Xshield™ platform. Recognized as a Leader in the Forrester Wave™: Microsegmentation Solutions, Q3 2024 evaluation, ColorTokens safeguards businesses by thwarting ransomware and malware attacks, ensuring significant operational continuity.
