Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Blogheader image.png

TAP Into Technology

Leading the Way in Network Technology

Hijacking Healthcare: Is DTSec Regulation the Solution for IoT enabled devices?

Posted by Tim O'Neill | 9/13/16 8:00 AM

The recent jump in cyber attacks against the healthcare industry—especially ransomware attacks—aren’t a coincidence. The reality is that the healthcare industry presents the perfect opportunity for attackers.

A balance of valuable personal data and hospitals that simply aren’t prepared for advanced attacks

In May 2016, the Diabetes Technology Society (DTS) took a step forward in defending the new world of connected healthcare devices by releasing the DTSec standard. Now the question remains—can this new standard change the cyber security narrative for an ailing healthcare industry?

What Is DTSec?

The DTS Cybersecurity Standard for Connected Diabetes Devices (DTSec) was released with the goal of making the healthcare industry more confident in the security of network-connected medical devices. While the standard will first focus on life-critical diabetes devices (such as insulin-pump controllers), it can be applied to any medical product. 

DTSec hinges on thorough, independent expert evaluations of connected healthcare devices. The DTSec standard contains specific performance requirements that provide a concrete measurement platform for device security.

Download the Protecting the Data eBook

Certain approved labs will conduct the DTSec tests and the fundamental idea is that having multiple stakeholders involved in the process—not just a biased vendor—will improve the state of healthcare security. 

With the ISO/IEC 15408 international standard for computer security certification at its heart, DTSec can potentially offer the healthcare industry a framework necessary for protecting Internet of Things (IoT)-enabled devices. However, the truth is that deploying medical devices that are built with security in mind is only one step toward securing electronic health records.

Why DTSec Can’t Change Healthcare Security by Itself

Urgent patient care is the chief concern for healthcare providers, which is why budget is generally used for increasing staff as opposed to consistent security equipment upgrades. However, IoT-enabled devices are becoming essential to providing quality patient care and improving outcomes in life-or-death moments. 

Improving the security features of connected healthcare devices is important, which is why DTSec is such an important new standard. As IoT-enabled products become more inherently secure, the entire stack of security solutions must improve as well.

Keeping hackers from controlling devices such as insulin-pump controllers is an obvious concern for patient safety. However, The DTSec standard does not include testing or certification for in-line security appliances such as next-gen firewalls and intrusion prevention systems.

As IoT devices collect increasing amounts of patient data, defending hospital networks themselves—not just the smart devices—will become more critical than ever. Without a solution in place to identify and mitigate attacks, having DTSec-approved devices in place won’t mean much.

Visibility Is the First Step in Defending Healthcare

DTSec can certainly change the narrative for IoT-enabled medical device security. However, the narrative remains the same for the rest of the healthcare network. In any cyber security strategy, visibility must be the first step—especially as more in-line security appliances become necessary at the edge of the network.

2015 may have brought the 5 biggest data breaches in the healthcare industry, but 2016 is already proving to be equally troublesome for healthcare providers. Budgets are tight, but you have to build visibility into your cyber security plan as you continue complicating the security stack. 

Topics: Network Security, Hacks and Data Breaches, Industrial Ethernet, Healthcare

Written by Tim O'Neill

As the Senior Technology Consultant & Chief Editor at LoveMyTool, Tim O’Neill has over 45 years of technology experience at data/voice and video networking analysis companies, including successful senior roles in Sales, Product Design, Marketing Management, Business Development and Security.