Say goodbye to buying internet of things devices in Britain with a default or hardcoded password set to "12345," as the country has banned manufacturers from shipping internet-connected and network-connected devices that don't comply with minimum cybersecurity standards.
As railways embrace digital transformation, the industry faces unique security challenges. Tom Remberg, CISO of Bane Nor, the agency responsible for Norway’s railway infrastructure, shared strategies to mitigate risks associated with digital change in the rail sector.
Medical device makers submitting products for premarket approval by the Food and Drug Administration often struggle the most with cybersecurity in three major areas - design controls, providing a software bill of materials and testing, according to Nastassia Tamari of the FDA.
State-sponsored hackers have responded to improved network scanning by shifting their focus to edge devices characterized by patchy endpoint detection and proprietary software that hinders forensic analysis, warns Mandiant. "Attackers are focusing more on evasion," it says in a report.
Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.
Zscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context. Acquiring Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices.
Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.
In the latest weekly update, ISMG editors discussed key insights on OT security from the Cyber Security for Critical Assets Summit in Houston, the implications of a critical Linux utility found to have a backdoor, and a CISO's perspective on comprehensive cloud security strategy.
The Energy Department is hoping to catalyze next-generation solutions to cybersecurity vulnerabilities in the energy sector by funding the creation of university-based cyber energy centers nationwide that will bring together private sector partners and the future of U.S. cyber talent.
IT and OT security experts say threats to shipping underscore the need for more stringent regulations for passenger, cargo and high-speed vessels by the International Association of Classification Societies. The new IACS cybersecurity and resilience requirements will go into effect July 1.
What if the world had access to memory-safe hardware for both IT and operational technology environments that could outright block many types of vulnerabilities from being exploited as well as make code safer to run on legacy systems? Enter the U.K.'s Digital Security by Design initiative.
The many kinds of OT and IoT gear that are not regulated medical devices but are critical to run hospitals and other care facilities present a variety of cybersecurity and patient safety concerns, said Dr. Benoit Desjardins, professor of radiology at the University of Pennsylvania Medicine.
Healthcare organizations and makers of medical devices need to think about how to safeguard their critical medical gear against future cyberthreats, including the looming dangers posed by quantum computing, said Mike Nelson, global vice president of digital trust at security firm DigiCert.
QNAP Systems on Saturday released a patch for a critical bug that allows unauthorized access to devices without authentication. The issue affects its QTS, QuTS hero, and QuTScloud products and potentially exposes network-attached storage devices to unauthorized access.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.