Software Integrity Blog

Archive for the 'Medical Device Security' Category

 

6 recommendations for healthcare cybersecurity

Early last year, in response to the Cybersecurity Act of 2015, the US Department of Health and Human Services (HHS) established The Health Care Industry Cybersecurity Task Force. This month the task force published its recommendations to improve healthcare cybersecurity.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on 6 recommendations for healthcare cybersecurity

 

Sobering thoughts when a connected medical device is connected to you

Originally posted on SecurityWeek. 

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Sobering thoughts when a connected medical device is connected to you

 

Synopsys report finds the medical device industry vulnerable to attack

In a new report, Synopsys found that 67% of medical device manufacturers and 56% of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organization is likely to occur over the next 12 months.

Continue Reading...

Posted in Medical Device Security | Comments Off on Synopsys report finds the medical device industry vulnerable to attack

 

Fault Injection Podcast .001: Paging Dr. McCoy

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report from Synopsys and the Ponemon Institute on medical device security.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Fault Injection Podcast .001: Paging Dr. McCoy

 

Medical device manufacturers and open source security vulnerabilities

On December 28, 2016, the US Food and Drug Administration (FDA) finalized its guidance on the “Postmarket Management of Cybersecurity in Medical Devices.” The release of the guidance was accompanied by an official blog post, which points out that as medical devices become increasingly sophisticated and connected, they become more prone to attack. Successful attacks can result in physical harm or even death to real people.

Continue Reading...

Posted in Medical Device Security, Open Source Security | Comments Off on Medical device manufacturers and open source security vulnerabilities

 

What to look forward to at the 2017 Medical Device Security 101 Conference

This year’s Medical Device Security 101 Conference is just days away. We’re looking forward to meeting attendees January 15-17 in sunny Lake Buena Vista, Florida. Identify, prevent, recover. We’d like to thank the University of Michigan’s Archimedes Center for Medical Device Security for hosting the two-day educational workshop. This synergistic environment explores how to identify, prevent, and recover from security breaches to keep your firm as secure as possible. Stop by to discuss how Synopsys can help further your security strategy, ask questions about our service offerings, or just to say ‘hello.’ We will be available at the event on Monday, January 16th from 8am to 4:30pm. Food for thought. This year, Synopsys will also be sponsoring the Gala Dinner that takes place on Monday evening from 6:15-8:30pm. Join us, the conference speakers, and your fellow attendees at Epcot’s American Adventure Rotunda for a relaxing dinner.

Continue Reading...

Posted in General, Healthcare Security, Medical Device Security | Comments Off on What to look forward to at the 2017 Medical Device Security 101 Conference

 

Philips honors Synopsys researcher with responsible disclosure honor

Philips has named Mike Ahmadi, global director of critical systems security for Synopsys Software Integrity Group, to its Responsible Disclosure Hall of Honors.

Continue Reading...

Posted in Medical Device Security, Software Composition Analysis | Comments Off on Philips honors Synopsys researcher with responsible disclosure honor

 

The digital doctors are in: Are you covered?

Following recent vulnerabilities disclosed in medical devices, a panel of experts discussed current remediation efforts and steps toward developing industry best practices.

Continue Reading...

Posted in General, Medical Device Security | Comments Off on The digital doctors are in: Are you covered?

 

AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices

It took a few years to make it happen, but the AAMI TIR57 “Principles for medical device security – Risk management” standard was finally published by AAMI this summer, and the FDA formally recognized it as a foundational standard less than a month after it came out.

Continue Reading...

Posted in Medical Device Security, Security Standards and Compliance | Comments Off on AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices

 

Researchers question Muddy Water’s security report on St. Jude Medical

New research suggests that parts of a report from a capital investment firm alleging vulnerabilities in St Jude Medical devices were inaccurate.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on Researchers question Muddy Water’s security report on St. Jude Medical