Ritwik Batabyal is the Chief Technology and Innovation officer at Mastek. In this capacity, Ritwik facilitates the integration of new and disruptive technologies, monetizes Data and AI technologies across industries and builds partnerships with start-ups and external innovation ecosystems.
Before joining Mastek in January 2022, Ritwik was the GDH of Platform and Solutions for L&T Technology Services Limited. He served as the Chief Technology and Engineering Head of Next-generation Business Products at Wipro for six years. During his 26 years in the IT and engineering industry, Ritwik has identified and implemented technologies to transform enterprise systems into digital solutions, provided technical direction and developed strategy for travel and expense management solutions.
Hi Ritwik, as the CTO and Innovation Officer at Mastek, what have been the most significant technological advancements you’ve implemented since joining the company?
The approach has been centered around leveraging use cases from our existing projects, particularly in the health tech sector. First, we began by understanding the specific use cases and requirements outlined in several projects. This formed the foundation of our approach. Moreover, Customer feedback played a crucial role. During project execution, we often uncovered additional requirements and expectations that were not explicitly stated in the initial project scope. Many nuanced needs and manual validation processes became evident through interactions with customers. To address these uncovered needs, we developed productized, pluggable solutions—like Lego blocks—that could be integrted into existing projects. This approach was driven by the Voice of the Customer (VOC) and aimed to enhance the overall value proposition of Mastek’s offerings. We believe our advanced AI capabilities can play a significant role in healthcare-productized solutions. By leveraging cutting-edge technology, we aim to revolutionize the healthcare sector, enhancing efficiency, accuracy, and patient outcomes
Our collaboration with NVIDIA validated our AI platform, which included three key components:
- Interaction Engine: This engine processed various forms of interactions (e.g., chat, email, SMS) and captured the subtle differences in communication.
- Insight Engine: This engine cleansed and transformed data, creating actionable insights through techniques like embedding and vector formation.
- Correlation Engine: This engine connected interactions with insights, leveraging algorithms to provide meaningful correlations.
This foundational platform supported our efforts to meet the complex and often unstated needs of our customers, ensuring that we could deliver innovative, AI-driven solutions tailored to their specific requirements.
Can you discuss the unique challenges and opportunities you see at the intersection of AI, IoT, 5G, and medical device security?
In recent years, we’ve seen a dramatic growth in adoption of interconnected medical devices, driven by developments in AI, IoT, and 5G. These technologies enable real-time monitoring and data analysis, significantly improving patient care. For instance, AI algorithms can analyze vast amounts of data from IoT-connected medical devices, detecting patterns and predicting health issues before they become critical. The integration of 5G technology promises to revolutionize healthcare by providing faster and more reliable connections, which is crucial for real-time data transfer and remote monitoring.
However, this progress also brings heightened security concerns. Many medical devices lack robust security measures like full end-to-end encryption and user authentication due to constraints in size and computational power. The industry’s challenge lies in balancing the need for advanced functionality with strong security practices. Despite these hurdles, ongoing innovations in hardware technology offer hope. As new materials and designs are developed, we may see enhancements in CPU and memory capabilities that will allow for more comprehensive security implementations in these devices.
One of the most exciting opportunities at this intersection is the potential for AI to improve device functionality and patient care. For instance, AI algorithms can analyze vast amounts of data from IoT-connected medical devices to detect patterns and predict health issues before they become critical. Similarly, the rollout of 5G technology promises to modernize the healthcare sector by providing faster and more reliable connections, enabling real-time data transfer and remote monitoring.
However, these advancements come with unique challenges. The more interconnected and intelligent these devices become, the greater the potential attack surface for cybercriminals. Ensuring security measures while maintaining device functionality is crucial. Additionally, the industry must manage regulatory hurdles and ensure that new technologies comply with stringent healthcare standards.
What potential consequences of cyberattacks on medical devices do you believe are most critical to address, and how can these risks be mitigated?
Cyberattacks on medical devices can lead to severe consequences, including the potential for malfunction or misuse. For instance, 17{7df079fc2838faf5776787b4855cb970fdd91ea41b0d21e47918e41b3570aafe} of hospital breaches involve IoT devices, with an average of 6.2 vulnerabilities per device. And an alarming example of this is in the 2019 ransomware attack at a Georgia Medical Center that disabled patient monitors, allegedly contributing to an infant’s death. This highlights the urgent need for cybersecurity measures.
To mitigate these risks, human oversight is essential, avoiding automatic feedback loops in medical devices. Regular polling by clinicians can detect malfunctions promptly. Manufacturers should prioritize security in design and train employees comprehensively. Implementing FDA guidelines, conducting cyber assessments, and ensuring proper network segmentation are also crucial. Effective cybersecurity policies and collaboration among medical, IT, and cybersecurity teams will help leverage the benefits of connected devices while minimizing risks.
Could you share with us one particular achievement or metric of your work at Mastek that you’re especially proud of?
We’ve accomplished significant milestones across various fronts, from executing licensed projects in FY23 to transitioning to a nonlinear growth trajectory. Starting from the ground up, we’ve transformed our approach from a traditional services model to one focused on promoting innovation through incubation. This shift has allowed us to build and scale our operations efficiently.
However, the most significant among these achievements are our strategic initiatives like Mastek Ventures, through investments in startups such as VolteoEdge and the adoption of data-driven solutions, we’ve expanded our service offerings into connected enterprise services. These investments highlight Mastek’s commitment to leveraging Data, AI, and IoT technologies to empower our customers in a Connected Economy.
Another achievement that stands out is the validation we received from NVIDIA. The fact that NVIDIA’s engineering team chose to work with us is a testament to the value and challenge we brought. The partnership validates our technical capabilities and significantly impacts the company’s growth and reputation.
How do you balance the trade-off between functionality and security in the development of network-connected medical devices?
Balancing security and functionality in network-connected medical devices is no easy feat. The key is to integrate security measures without compromising the device’s essential functions. This often involves innovative design strategies that maximize the limited computational resources available. While hardware advancements may eventually ease this balancing act, current solutions require a meticulous approach to design and continuous collaboration between clinicians and manufacturers to ensure both safety and functionality are maintained. By adhering to rigorous testing standards and updating encryption techniques, we mitigate risks effectively, safeguarding patient care without compromise.
What advancements in hardware technology do you believe hold the most promise for improving the security capabilities of medical devices?
Modern medical devices have massively improved the capabilities of medical devices, and patient care but they come with their own set of security/privacy issues. Recent reports indicate that over 80{7df079fc2838faf5776787b4855cb970fdd91ea41b0d21e47918e41b3570aafe} of medical device manufacturers and healthcare providers have encountered cybersecurity incidents. highlighting the need for immediate security solutions.
To address these issues, new materials and user-friendly designs are being explored to enhance CPU and memory capabilities. This allows for comprehensive security measures like end-to-end encryption and strong user authentication without compromising device functionality.
Additionally, we are deploying secure hardware components such as trusted platform modules (TPMs) and using AI-powered real-time monitoring systems. These solutions enable proactive threat detection and response, ensuring continuous and secure healthcare services.
Can you elaborate on the importance of human oversight in medical treatments that rely on connected devices and the risks of automatic feedback loops?
Unlike industrial settings where automated feedback loops are routine, medical devices require constant human involvement to mitigate risks effectively. Clinicians play a crucial role in regularly monitoring device outputs and promptly addressing any anomalies that could compromise patient safety. This proactive stance not only safeguards against cyber threats but also ensures uninterrupted care for patients relying on these devices.
How do you advocate for strong security practices among manufacturers, and what specific measures do you recommend for ensuring the safety of connected medical devices?
The approach begins with emphasizing the importance of security right from the design phase. It’s crucial that security isn’t an afterthought but a core component of the development process. To achieve this, I stress the need for comprehensive training for all employees involved in the creation of these devices.
It is recommended that manufacturers integrate security measures such as encryption and user authentication, carefully balancing these with the device’s size and computational limitations. Also, ensuring encrypted communication and strong authentication protocols can significantly reduce vulnerabilities. Additionally, it’s vital to have a clear plan for upgrading existing devices as new security technologies emerge, maintaining the safety and trust of patients.
In your opinion, what role does patient trust play in the adoption and success of network-connected medical implants, and how can this trust be fostered?
When patients believe that their devices are secure and reliable, they are far more likely to continue with these technologies and adhere to their treatment plans. Building this trust starts with manufacturers prioritizing security from the very beginning of the design process.
Transparent communication, coupled with regular updates and proactive customer support, helps reassure patients that their safety is our top priority. By fostering a culture of openness and responsiveness, we can build and maintain the confidence patients need to fully trust and benefit from these advanced medical devices.”
What opportunities do you see for collaboration between manufacturers, healthcare providers, and cybersecurity experts to enhance the security of medical devices, and what steps are necessary to facilitate these partnerships?
Uniting expertise from various fields indeed helps in better opportunity for the whole ecosystem. These partnerships can facilitate the sharing of knowledge and resources, leading to the development of more secure and reliable devices. To foster such collaborations, it is crucial to establish clear communication channels and joint initiatives focused on security. Additionally, regular training sessions, workshops, and collaborative research projects can also help align the goals and efforts of all parties involved.