Cyber-attacks against hospitals are becoming more common amid digital transformation in healthcare. They have led to large-scale data leaks of electronic health records (EHR) and hospital closures. So why is the network security of hospitals so fragile?

Digital Transformation in Healthcare Widens Attack Surface

Digital transformation in healthcare is taking place at a rapid pace. Hospitals are pushing digital initiatives to provide high-quality patient care and improved patient convenience. To do this, hospitals are adopting technologies called the Internet of Medical Things (IoMT). A Deloitte report estimates that the IoMT market is worth $158.1 billion in 2022. However, IoMTs have widened attack surfaces and open hospitals to greater risk of cyber-attacks. IT security staffing has not caught up with digital transformation in healthcare. Hospitals simply do not have the numbers and expertise for round-the-clock security operations to keep their network secure.

Digital Transformation in Healthcare Complicates Processes

The widespread adoption of multi-cloud environments has also left hospitals more vulnerable. Hospitals face steep learning curves to understand the management methods, security policies, and handling procedures of different cloud service providers (CSP). These may hinder a hospital’s ability to respond to security incidents in time and miss the "golden time" for remediation.

Digital Transformation in Healthcare Demands Advanced Security

The existing security technologies of hospitals cannot keep up with the constant evolution of adversary tools and techniques. Updating and purchasing extra protection is costly. This makes it hard to strike a balance between cost and effectiveness.

In the face of intensifying cyber security threats, what can be done to secure digital transformation in healthcare? How can we protect the critical data and systems of hospitals? Let’s see how Zhongshan Hospital answered this question.

Zhongshan Hospital Case Study

Zhongshan Hospital Zhongshan Hospital is a major teaching hospital in Shanghai, China. It is driving a new "Internet + Healthcare" digital healthcare model.

Zhongshan Hospital 2


To safeguard its project, Zhongshan Hospital has taken a proactive approach to address the three challenges mentioned above. The hospital has basic security in place, such as an IT security team and security devices, but it believed it needed an end-to-end security system to replace "static protection" with "dynamic operation".  

With this vision, Zhongshan Hospital chose to leverage Sangfor Cyber Guardian, a managed detection and response (MDR) service. With Cyber Guardian, the hospital built a security operations platform (hereafter referred to as Platform) that provides 24/7 automated threat detection and response. The platform integrates the hospital’s on-prem security set-up with Sangfor’s online security experts and cloud-delivered solutions. They continuously monitor assets to detect vulnerabilities, threats, and attacks to protect the hospital’s digital transformation.

Digital Transformation in Healthcare - Zhongshan Hospital human-machine intelligent

1. Security Management of the Application Lifecycle

The platform protects the hospital’s applications in three main stages of the application lifecycle — deployment, O&M, and decommissioning. Various measures are implemented to protect the hospital’s applications, including the ECS, HRMS, HIS, LIS, and CTMS.

Before an application is deployed, a complete security assessment is conducted, including code auditing, penetration testing, and vulnerability scanning.

After an application is deployed, Sangfor's security experts conduct 24/7 threat monitoring, detection, and response. Sangfor’s experts also assist the hospital’s O&M team with incident handling and policy optimization. Risks associated with application upgrades and evolving adversary techniques are also mitigated. 

When an application is to be decommissioned, the hospital’s O&M team design a decommission plan, recycle resources, and delete configurations. This is done according to a standardized process to avoid shadow assets.

Digital Transformation in Healthcare - Zhongshan Hospital Security Management of the Application Lifecycle

2. Unified security operations management in a multi-cloud environment

To solve the security issues of a multi-cloud environment, the hospital needed a security operations system that offers unified management.

The Platform integrates the on-prem security team and devices, the CSP, and Sangfor’s online security experts and solutions into a unified system. The Platform issues tasks to each role to achieve closed-loop remediation. All security incidents and high-risk vulnerabilities are handled in an efficient and accurate manner. 

The speed and accuracy of issuing tasks is important in such a unified system. In this respect, Sangfor’s MDR service plays a crucial role. The AI-enabled Platform and Sangfor’s security experts combine to detect all threats within 1 hour. The hospital’s security team is alerted within 30 minutes. When faced with advanced attacks such as APT and ransomware, the hospital no longer has to rely on one security engineer. Sangfor shortens the analysis and investigation time by one third using its case handling, use case, and survey libraries.  These are accumulated from serving over 2,000 MDR customers and greatly improves the accuracy of threat remediation.

The Platform can also map security risks and events with intuitive indicators. Data and graphs are provided with weekly, monthly, quarterly, and annual security reports. These allow the IT security team to conduct daily security work more efficiently and support future security construction decisions.

Digital Transformation in Healthcare - Zhongshan Hospital Unified security operations management in a multi-cloud environment

3. An efficient and cost-effective on-prem & online response mechanism

Thanks to Cyber Guardian MDR, the hospital built the “human-machine intelligence” Platform without any no increase in personnel and equipment investments.

On-prem and online correlation ensures efficient incident response. The hospital solved the two major security challenges of healthcare organizations — the lack of IT security personnel and high security construction costs.

With the help of Sangfor Cyber Guardian MDR, Zhongshan Hospital has truly established a robust end-to-end security system for a secure digital transformation in healthcare.

Digital Transformation in Healthcare - Zhongshan Hospital An efficient and cost-effective on-prem & online response mechanism

Secure Your Healthcare Digital Transformation with Sangfor  

Digital transformation in healthcare is a truly virtuous act, helping to improve patient care, curing illnesses, and saving lives. Do not allow bad actors with cruel intentions to destroy this.

Sangfor is a specialist provider of cyber security and cloud computing solutions. Thanks to a dedicated healthcare business division and rich industry experience, Sangfor is perfectly positioned to help healthcare organizations build and secure their digital transformation initiatives. Contact Sangfor for a free consultation and see how we can help you build a productive and safe digital healthcare system.

For more information on cyber security risks and digital transformation in healthcare, please feel free to read the following articles:


Contact Us to Learn More

Listen To This Post


Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles


Index Living Mall

Date : 23 Aug 2022
Read Now


J&T Express

Date : 19 Aug 2022
Read Now

Manufacturing & Natural Resources

PT Toyota Astra Motor (TAM)

Date : 11 Jul 2022
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
NGAF - Next Generation Firewall (NGFW)
SASE Access
icon notification