How data analytics can boost health IT security

IT security will evolve as interactive devices and the internet of things become more entrenched in military health

Doctor in holding tablet with medical images floating out of it
Thinkstock

It’s frightening to consider that the new generation of combat might extend to the very hospital beds of our wounded veterans. But no less than that is at risk when we talk about security of health IT systems.

Because of development and acquisition cycles, a medical device is already three years old by the time it is in active use in the Military Health System (the hospitals and clinics of the various armed forces). On average these devices have a nine-year life expectancy. At the same time, a typical operating system may be as much as 12 years old. Together that spells a far less secure IT environment overall.

As interactive devices and the internet of things become more entrenched in military health, the health information of our military can easily become compromised. More importantly, it is absolutely possible that bad actors can take control of unsecured medical devices. White hat hacking demonstrations have shown that steering and braking controls of Jeeps already can be overridden. Imagine if that same approach is taken to control automated IVs or monitoring equipment in hospital ICUs.

There is a wealth of data within the military health system. Health IT professionals need to harness that data to create business and medical intelligence – not so much collection and querying, but exploiting big data for information on how systems need to be securely positioned. We don’t need systems to tell us what already happened, but to predict how to best use and position our medical resources to cater to service members and their families.

By marrying data analytics with security, this mass of information should be able to provide possible lines of defense in the fight against cybersecurity intrusion. That’s the next generation of security. Monitoring and other security tools will become predictive rather than static – sharing insights that might otherwise have been missed, or to react faster to potential threats than a human may have been able to react previously.

How does this also apply to security?

Data analytics is an important tool for looking at the overall IT ecosystem and across devices. IT professionals can see which devices are up to date, which may not have been patched in a while, and which may be at the end of their useful life.
Questions that the Military Health System is already undertaking to answer include: Which IV pumps already meet security and interoperability standards? How can the 10 or so networked devices in an ICU communicate with each other and externally in a secure manner? These cybersecurity efforts are essential, not an added burden, and analytics can offer real help.

We’ve already touched on traditional network monitoring, but this is another area where data analytics and security come together. Central monitoring for threats to the network happens through the Defense Health Agency Network Operations Center (DNOC) in San Antonio. This is the front line for monitoring cyber threats for defense health. When the network is secure, analytics is still helpful to identify trends to learn from.

Defense from ransomware

Along these same lines, the DOD health community needs to leverage predictive analytics to protect against cyber threats such as ransomware. There is a rapidly growing list of examples of ransomware targeting the health industry. Predictive analytics can look for deviations from how the network should behave, rather than relying on known signatures (which is not wholly effective when threats are continually evolving).

Again, the prevalence of connected devices and ever-evolving threats require traditional cybersecurity be tied to analytics. Data and analytics must be used not to describe what already happened but to augment current practices to map out the way ahead.

It is critical to secure medical devices, especially as they communicate and function with other devices and IT networks. Because medical devices are increasingly becoming IT devices, they are the best way to underscore the importance of securing IoT devices in a network. It’s not just information, but the very loss of life and limb that’s at stake.

This article is published as part of the IDG Contributor Network. Want to Join?

New! Download the State of Cybercrime 2017 report