Pharmaceutical

Uncle Sam Makes Mobile, Medical Device Security a Priority in 2014

The U.S. Department of Health and Human Services (HHS) says that it will make the security of mobile devices containing personal health information and networked medical devices areas of intense scrutiny in 2014.   The security of a wide range of devices, from laptops and USB ‘jump drives’ to networked medical devices like dialysis machines and medication dispensing systems will be under review, according to a 2014 Work Plan issued by HHS’s Office of the Inspector General (OIG). (PDF) Among other projects, the  OIG will review hospitals’ plans to protect the loss of protected health information (PHI), as well as similar plans put in place by Medicare and Medicaid contractors in the next year.  OIG will also scrutinize security controls at hospitals that protect networked medical devices. OIG wants to determine if the controls in place are adequate to secure electronic protected health information stored on medical devices. Links between networked […]

Are Wearables The Future Of Authentication?

CIO Magazine has an interesting round-up piece that looks at the enterprise impact of wearable technology, which you can read here.   Much of this is what you’d expect: FitBit, Google Glass and the (coming) tsunami of smart watches that will soon wash over us. The Cliff’s Notes version is that adoption of wearables will be rapid in verticals that are positioned to leverage the technology early on – such as healthcare and retail. But the piece argues that enterprises risk ‘missing’ the wearable wave in the same way that they ‘missed’ (or at least didn’t plan for) the mobile computing revolution. What might planning entail? Pilots, apparently – maybe of Google Glass or a competing technology. [Read more Security Ledger coverage of wearable technology. ] An interesting side note concerns a possible enterprise ‘killer app’ for wearables; authentication. The article quotes Forrester Analyst J.P. Gownders saying that wearable technology, with integrated biometric […]

Cisco Survey: 100% of Fortune 500 Hosting Malware?

If you’re working in IT at a Fortune 500 firm, Cisco Systems has some unwelcome news: you have a malware problem. According to the 2013 Annual Security Report from the networking giant, 100 percent of 30 Fortune 500 firms it surveyed sent traffic to Web sites that host malware. Ninety-six percent of those networks communicated with hijacked servers operated by cyber criminals or other malicious actors and 92 percent transmitted traffic to Web pages without content, which typically host malicious activity. “It was surprising that it was 100 percent, but we know that it’s not if you’re going to be compromised, but when,” said Levi Gundert, a technical lead in Cisco’s Threat Research, Analysis and Communications (TRAC) group in an interview with The Security Ledger. Among the high points (or low points) in Cisco’s Report: Cisco observed the highest number of vulnerabilities and threats on its Intellishield alert service in the 13 years […]