In this, our 70th episode of The Security Ledger podcast, we speak with Xu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what’s next for his company.
In-brief: Talking about Susan Mauldin’s music degree is a socially acceptable way for men to vent about a woman who they don’t feel belongs in their workplace – especially not in a senior role.
In-brief: A man in Pennsylvania said he was just being a disgruntled former employee when he hacked into base stations owned by his ex-employer that control access to smart water meters and disrupted the business of municipal water utilities across three states. He faces jail time, probation and a fine for his actions.
In-brief: The U.S. healthcare sector is in critical condition and needs urgent, coordinated action to protect patient safety and address vulnerabilities in millions of deployed medical devices, a Congressional Task Force has concluded. (Updated with comments from Joshua Corman of Atlantic Council. PFR June 7, 2017)
In-brief: Insurance giant AIG announced Monday that it has started offering cyber insurance to protect individuals and families from ransomware attacks, data theft and cyber bullying. But don’t go looking to sign up at Wal-Mart: the service is only available to AIG’s high net worth customers.