Software Integrity

Archive for the 'Healthcare Security' Category

 

Physician hackers: Healthcare security is in critical condition

FUD—fear, uncertainty, and doubt—is usually met with relentless mockery in the cyber security world, since it’s sometimes used to try to frighten people into buying a product. But nobody was mocking the FUD generated by a live simulation of a hack of an infusion pump that then delivered a massive overdose of medication to a […]

Continue Reading...

Posted in Healthcare Security, Security Conference or Event | Comments Off on Physician hackers: Healthcare security is in critical condition

 

What’s in your containers?, Spring Break vulnerability, cyber security in healthcare

Open Source Insight makes the transition to the Synopsys Software Integrity (SIG) blog this week, and you can find us here, as well as the latest posts from SIG technology evangelist Tim Mackey. This week’s edition looks at security for container images, cyber security in healthcare, how most data breaches occur, and a host of […]

Continue Reading...

Posted in Blockchain Security, Containers, Data Breach, Healthcare Security, Open Source Security | Comments Off on What’s in your containers?, Spring Break vulnerability, cyber security in healthcare

 

How can the healthcare industry protect itself from cyber threats?

Software security and healthcare industry professionals operate at opposite ends of the spectrum. Security aims to maintain a secret. Healthcare aims to discover one. The lack of chemistry between security and healthcare mindsets Doctors operate under the theory that a medical professional should be able to swiftly access the information they’re seeking. Security experts insist […]

Continue Reading...

Posted in Application Security, Healthcare Security | Comments Off on How can the healthcare industry protect itself from cyber threats?

 

6 recommendations for healthcare cybersecurity

Early last year, in response to the Cybersecurity Act of 2015, the US Department of Health and Human Services (HHS) established The Health Care Industry Cybersecurity Task Force. This month the task force published its recommendations to improve healthcare cybersecurity. While non-binding (today), the recommendations should be considered a heads up to health care organizations, “covered […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on 6 recommendations for healthcare cybersecurity

 

Sobering thoughts when a connected medical device is connected to you

Originally posted on SecurityWeek.  I recently had reason to spend an overnight visit in the hospital. When friends and family left me late in the evening I was confronted with a subject that I had considered professionally but never had to face personally: the connected medical device. When software security gets personal The device that […]

Continue Reading...

Posted in Embedded Software Testing, Healthcare Security, Medical Device Security | Comments Off on Sobering thoughts when a connected medical device is connected to you

 

Fault Injection Podcast .001: Paging Dr. McCoy

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report from Synopsys and the Ponemon Institute on medical device security. You can always join […]

Continue Reading...

Posted in Application Security, Healthcare Security, Medical Device Security | Comments Off on Fault Injection Podcast .001: Paging Dr. McCoy

 

How to measure software security in the healthcare industry

In 2015, healthcare became the most attacked industry, replacing financial services. Since 2010, there have been at least eight healthcare industry breaches publically reported in the media. The 2016 Cyber Security Intelligence Index states that five of the eight breaches took place during the first half of 2015. During that period, over 100 million medical […]

Continue Reading...

Posted in Healthcare Security, Maturity Model (BSIMM) | Comments Off on How to measure software security in the healthcare industry

 

Responsible disclosure on a timetable

In response to its haphazard patch release cycle in the late 1990s, Microsoft launched an every second-Tuesday-of-the-month “Patch Tuesday” program in 2004. Last week, on February 14 to be exact, Microsoft abruptly canceled its current monthly set of patches and said that its slate of new patches would return on March 14. The problem is […]

Continue Reading...

Posted in Ethical Hacking, Healthcare Security, Vulnerability Assessment | Comments Off on Responsible disclosure on a timetable

 

Shining a light onto cybersecurity at the 2017 HIMSS Conference

Next month, over 40,000 health IT professionals, clinicians, executives, and vendors will converge from around the globe to attend the 2017 HIMSS Annual Conference and Exhibition. The event will take place from February 19-23 in Orlando, Florida. We’re looking forward to those five days of exceptional education, cutting-edge health IT product discussions, and powerful networking opportunities. […]

Continue Reading...

Posted in Healthcare Security, Security Conference or Event | Comments Off on Shining a light onto cybersecurity at the 2017 HIMSS Conference

 

What to look forward to at the 2017 Medical Device Security 101 Conference

This year’s Medical Device Security 101 Conference is just days away. We’re looking forward to meeting attendees January 15-17 in sunny Lake Buena Vista, Florida. Identify, prevent, recover. We’d like to thank the University of Michigan’s Archimedes Center for Medical Device Security for hosting the two-day educational workshop. This synergistic environment explores how to identify, […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security, Security Conference or Event | Comments Off on What to look forward to at the 2017 Medical Device Security 101 Conference