Software Integrity

Archive for the 'Healthcare Security' Category

 

Medical devices still hackable, researchers say

Security researchers Jonathan Butts and Billy Rios wanted to make it clear at the beginning of their presentation. “The benefits of implanted medical devices outweigh the risks (for most people),” read one of their opening slides. But they probably wouldn’t have been doing a session at Black Hat titled “Understanding and Exploiting Implanted Medical Devices” […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security, Security Conference or Event

 

How to help your medical devices meet the UL (and FDA) standard

Any effort to overhaul the cyber security of connected medical devices is likely to take considerable time and energy. Given that many of them are made to last decades, securing them while they’re in use can make turning an ocean liner look positively nimble. Still, the announcement last month by the Federal Food and Drug […]

Continue Reading...

Posted in Application Security, Healthcare Security, Medical Device Security, Software Security Testing

 

Codenomi-con speakers agree: Bringing back privacy requires citizen action

We keep hearing that privacy is dead. But there is a good chance that a lot of us still aren’t aware of just how dead. So this week Synopsys presented codenomi-con, in connection with the Black Hat conference in Las Vegas, offering reminders about that reality in both government and the private sector. At the […]

Continue Reading...

Posted in Application Security, Healthcare Security, Privacy, Security Conference or Event

 

Building security into connected medical devices

What does cyber security mean for connected medical devices? Recently, the U.S. Food and Drug Administration (FDA) officially announced that it formally recognizes UL 2900-2-1. The announcement follows up the FDA’s acceptance last year of UL 2900-1, the first publication in the UL 2900 series of standards for cyber security. UL-2900-2-1 is the first FDA […]

Continue Reading...

Posted in Application Security, Healthcare Security, Medical Device Security

 

Singapore healthcare hit with “unprecedented” cyber attack

It apparently took just about a week after cyber attackers broke into SingHealth, Singapore’s largest healthcare group, for them to steal the “non-medical personal particulars” of 1.5 million people—about a quarter of the city-state’s population—plus “information on outpatient dispensed medicines” of about 160,000 of them. SingHealth (Singapore Health Services) operates two tertiary hospitals, five national […]

Continue Reading...

Posted in Application Security, Healthcare Security

 

FDA adopts UL 2900-2-1, improves cyber security of connected medical devices

The cyber security of connected medical devices, notoriously poor for decades, could finally start to improve. The June 6 announcement by the federal Food and Drug Administration (FDA) on a change in the premarket certification process of devices was low-key—11 pages of dense bureaucratese buried within tens of thousands of pages in the Federal Register. […]

Continue Reading...

Posted in Application Security, Healthcare Security, Medical Device Security

 

Physician hackers: Healthcare security is in critical condition

FUD—fear, uncertainty, and doubt—is usually met with relentless mockery in the cyber security world, since it’s sometimes used to try to frighten people into buying a product. But nobody was mocking the FUD generated by a live simulation of a hack of an infusion pump that then delivered a massive overdose of medication to a […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security, Security Conference or Event

 

What’s in your containers?, Spring Break vulnerability, cyber security in healthcare

Open Source Insight makes the transition to the Synopsys Software Integrity (SIG) blog this week, and you can find us here, as well as the latest posts from SIG technology evangelist Tim Mackey. This week’s edition looks at security for container images, cyber security in healthcare, how most data breaches occur, and a host of […]

Continue Reading...

Posted in Blockchain Security, Containers, Data Breach, Healthcare Security, Open Source Security

 

How can the healthcare industry protect itself from cyber threats?

Software security and healthcare industry professionals operate at opposite ends of the spectrum. Security aims to maintain a secret. Healthcare aims to discover one. The lack of chemistry between security and healthcare mindsets Doctors operate under the theory that a medical professional should be able to swiftly access the information they’re seeking. Security experts insist […]

Continue Reading...

Posted in Application Security, Healthcare Security

 

6 recommendations for healthcare cybersecurity

Early last year, in response to the Cybersecurity Act of 2015, the US Department of Health and Human Services (HHS) established The Health Care Industry Cybersecurity Task Force. This month the task force published its recommendations to improve healthcare cybersecurity. While non-binding (today), the recommendations should be considered a heads up to health care organizations, “covered […]

Continue Reading...

Posted in Healthcare Security, Medical Device Security