Software Integrity Blog

Archive for the 'Healthcare Security' Category

 

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Continue Reading...

Posted in Data Breach, Healthcare Security, Maturity Model (BSIMM) | Comments Off on More medical mega-breaches thanks to third-party insecurity

 

Treating security like safety: What the FDA’s recognition of UL 2900-2-1:2018 means for developers

UL 2900-2-1 calls for the secure design and security testing of medical devices. What does the FDA’s adoption of the standard mean for your development team?

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Treating security like safety: What the FDA’s recognition of UL 2900-2-1:2018 means for developers

 

Complex but helpful: Negotiating FDA guidance to build a cybersecurity program

FDA cybersecurity guidance is informed by a long list of standards and recommendations. How can manufacturers translate these documents into practices?

Continue Reading...

Posted in Healthcare Security | Comments Off on Complex but helpful: Negotiating FDA guidance to build a cybersecurity program

 

Throwback Thursday: Whatever happened to Anthem?

Whatever happened to Anthem? In 2014–2015, the firm suffered the largest healthcare data breach ever. But healthcare cyber security has improved since then.

Continue Reading...

Posted in Data Breach, Healthcare Security | Comments Off on Throwback Thursday: Whatever happened to Anthem?

 

The IoT within us: Network-connected medical devices

The Internet of Things is now inside us. But network-connected medical devices are troubling, considering the history of medical device vulnerabilities.

Continue Reading...

Posted in Healthcare Security, Internet of Things, Medical Device Security | Comments Off on The IoT within us: Network-connected medical devices

 

Medical device security improvements coming—but not anytime soon

Will the cyber security of medical devices improve with the FDA’s adoption of UL 2900-2-1? Most devices weren’t designed to be connected to the internet.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Medical device security improvements coming—but not anytime soon

 

Cardiac patient data at risk, Philips reports

It’s never good news to find out that both your personal and clinical information could be compromised by the software platform your healthcare provider is using.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Cardiac patient data at risk, Philips reports

 

Medical devices still hackable, researchers say

What makes medical devices hackable? The same thing that makes websites hackable: software vulnerabilities. But the consequences are far worse than stolen data.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Medical devices still hackable, researchers say

 

How to help your medical devices meet the UL (and FDA) standard

The FDA’s adoption of UL 2900-2-1 as a consensus standard for premarket certification of medical devices means the world is about to change—for the better.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on How to help your medical devices meet the UL (and FDA) standard

 

Building security into connected medical devices

The FDA now recognizes UL 2900-2-1 and UL 2900-1, the first guidance that sets specific criteria for cyber security testing of connected medical devices.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Building security into connected medical devices