Security researchers have found 11 vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors to physically implant ransomware or manipulate patient data stored on the affected devices. GE said the risks can be mitigated through best security practices.
In the wake of geopolitical tensions, nation-state threats have "crossed the line more often than they ever have," said Dawn Cappelli, head of OT-CERT at Dragos, warning of the growing threat to critical infrastructure and emerging challenges for small and medium enterprises.
Multiple types of Telit Cinterion cellular modules for IoT and machine-to-machine devices, which are widely used across industrial, financial services, telecommunications and healthcare environments, are vulnerable to being remotely compromised via malicious SMS messages, security researchers warn.
Despite the persistent threats and complexities in the OT world, it's tough for security practitioners to define a clear business case. Rick Kaun, vice president of solutions at Verve Industrial Protection, emphasized the nuanced approach required for building effective security frameworks.
Legacy systems that coexist with modern cloud-based applications complicate the arduous process of implementing cybersecurity measures. "When you get a company that is over 100 years old, you get some things that came along at different eras of the business," said Vaughn Hazen, CISO of CN Rail.
Censys CEO Brad Brooks discussed the alarming reality of heightened cyberthreats and how organizations are reassessing their cybersecurity needs when shopping for cyber insurance, seeking solutions that align with their evolving security strategies.
Updating software as new vulnerabilities are discovered persistently remains a top medical device cybersecurity challenge, said David Brumley, a cybersecurity professor at Carnegie Mellon University and CEO of security firm ForAllSecure. Solving this requires a major mindset shift, he said.
Corelight has secured $150 million on a $900 million valuation to support future growth and secure full independence. The Series E funds will be used to enhance the network detection and response vendor's product innovation, including expanded detection capabilities and improved security workflows.
Forescout CEO Barry Mainz highlights the growing risks associated with OT and IoT devices and how cybersecurity strategies must evolve to address these challenges. He emphasizes the need for visibility, classification and robust risk assessment to manage these vulnerabilities effectively.
Microsoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure. ICSpector, available on GitHub, can scan PLCs, extract information and detect malicious code.
As railways embrace digital transformation, the industry faces unique security challenges. Tom Remberg, CISO of Bane Nor, the agency responsible for Norway’s railway infrastructure, shared strategies to mitigate risks associated with digital change in the rail sector.
Medical device makers submitting products for premarket approval by the Food and Drug Administration often struggle the most with cybersecurity in three major areas - design controls, providing a software bill of materials and testing, according to Nastassia Tamari of the FDA.
Zscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context. Acquiring Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices.
Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.
Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.