The Internet of Things is all around us. But it doesn’t stop there—now it’s inside us too. As the era of “connected everything” explodes, so does the use of network-connected medical devices. These interconnected devices, ranging from hospital imaging equipment to implantable pacemakers to infusion pumps, help healthcare providers and patients in a variety of […]
Continue Reading...
Posted in General, Healthcare Security, Internet of Things, Medical Device Security | Comments Off on The IoT within us: Network-connected medical devices
It’s never good news to find out that both your personal and clinical information could be compromised by the software platform your healthcare provider is using. But it’s at least somewhat better news to know that the company responsible for the vulnerable software has been transparent about it, notifying the appropriate government agencies so all […]
Continue Reading...
Posted in General, Healthcare Security, Medical Device Security | Comments Off on Cardiac patient data at risk, Philips reports
What makes medical devices hackable? The same thing that makes websites hackable: software vulnerabilities. But the consequences are far worse than stolen data.
Continue Reading...
Posted in Healthcare Security, Medical Device Security | Comments Off on Medical devices still hackable, researchers say
The recent announcement by the Federal Food and Drug Administration (FDA) that it has adopted the ANSI (American National Standards Institute)-approved UL 2900-2-1 as a “consensus standard” for premarket certification of medical devices means the world is about to change—for the better. Especially for patients. Any effort to overhaul the cyber security of connected medical […]
Continue Reading...
Posted in Healthcare Security, Medical Device Security | Comments Off on How to help your medical devices meet the UL (and FDA) standard
What does cyber security mean for connected medical devices? Recently, the U.S. Food and Drug Administration (FDA) officially announced that it formally recognizes UL 2900-2-1. The announcement follows up the FDA’s acceptance last year of UL 2900-1, the first publication in the UL 2900 series of standards for cyber security. UL 2900-2-1 is the first […]
Continue Reading...
Posted in Healthcare Security, Medical Device Security | Comments Off on Building security into connected medical devices
The cyber security of connected medical devices, notoriously poor for decades, could finally start to improve. The June 6 announcement by the federal Food and Drug Administration (FDA) on a change in the premarket certification process of devices was low-key—11 pages of dense bureaucratese buried within tens of thousands of pages in the Federal Register. […]
Continue Reading...
Posted in Healthcare Security, Medical Device Security | Comments Off on FDA adopts UL 2900-2-1, improves cyber security of connected medical devices
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. Watch the episode below: What’s in this week’s Security Mashup, you ask? Cryptocurrency exchange Bancor gets targeted by hackers and loses $23.5 million, two new subvariants of Spectre vulnerabilities have been discovered, […]
Continue Reading...
Posted in General, Medical Device Security, Security Standards and Compliance, Webinars | Comments Off on Hackers target cryptocurrency exchange, new Spectre vulnerabilities, and healthier healthcare
Black Duck by Synopsys announces OpsSight 2.0. Abbott strengthens pacemaker software against vulnerabilities. A year after disclosure, the Struts vulnerability is still a danger to thousands of companies. And the new Synopsys Security Mashup video is up. Software Integrity Insight is your resource on the cyber security and open source security news that made headlines […]
Continue Reading...
Posted in Agile, CI/CD & DevOps, Container Security, Medical Device Security, Static Analysis (SAST) | Comments Off on OpsSight Container Security 2.0, Integrating SAST into DevSecOps, building hacker-proof voting
FUD—fear, uncertainty, and doubt—is usually met with relentless mockery in the cyber security world, since it’s sometimes used to try to frighten people into buying a product. But nobody was mocking the FUD generated by a live simulation of a hack of an infusion pump that then delivered a massive overdose of medication to a […]
Continue Reading...
Posted in General, Healthcare Security, Medical Device Security | Comments Off on Physician hackers: Healthcare security is in critical condition
Wednesday, RSA 2018: On any given day, there are more than 150 sessions to choose from here. Good luck getting to even 5% of those. The good news is that attendees can get access to most of the sessions they missed after the fact, since the slide presentations are posted and videos are made of […]
Continue Reading...
Posted in Automotive Security, General, Medical Device Security | Comments Off on Behavioral security at RSA Conference 2018
