Medtronic's announcement that it's launching an "in-depth risk/benefit analysis" following an "ethical hack" of one of its insulin pumps is good news. We hope that Medtronic and all other medical device manufacturers launch long-overdue, aggressive efforts to improve medical device safeguards.
Many organizations have the expertise required to implement cyber intelligence but have yet to learn how to integrate those skill sets into an effective, end-to-end process, says Intelligence and National Security Alliance's Terry Roberts.
The BlackBerry disruption strikes at a core IT security precept: availability. Yet, as cybersecurity and IT architecture practitioner Winn Schwartau points out, it also raises the less-often talked about proposition of accountability.
Instead of sabotage, as Stuxnet was used on Iranian nuclear centrifuges, Duqu is designed to gather intelligence that could help attackers mount a future digital assault on industrial control facilities.
Mike Brown and Amry Junaideen see audits as great tools to promote heftier IT security budgets, substantiating where dollars should be spent to safeguard an organization's information systems and assets.
"This guidance ... will allow the market to evaluate companies in part based on their ability to keep their networks secure," Sen. Jay Rockefeller says. "We want an informed market and informed consumers, and this is how we do it."