Tag: medical devices

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

Podcast: Play in new window | Download (Duration: 34:12 — 39.1MB) | EmbedSubscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security in to talk about how more agile PKI infrastructure is one element in scaling the Internet of Things without creating a giant security mess. 

FDA Medical Device Plan: a Baby Step in the Right Direction

In this industry perspective, Dan Lyon and Taylor Armerding of the firm Synopsys discuss the impact of the FDA’s new Medical Device Safety Action Plan, which promises to improve the cyber security of medical devices…eventually. 

Spotlight: Deepika Chauhan of Digicert on the Challenges of Securing the Internet of Things

Podcast: Play in new window | Download (Duration: 25:57 — 29.7MB) | EmbedSubscribe: Android | Email | Google Podcasts | RSSThere’s an epidemic of insecure Internet of Things devices. But why? And what is the shortest path to ending that epidemic? In this Spotlight Edition* of The Security Ledger Podcast, we speak with Deepika Chauhan, the Executive Vice President of Emerging Markets at DigiCert. Her job: forging new paths for the use of public key encryption to secure Internet of Things ecosystems.

BLU smart phone

BLU settles with FTC over unauthorized transmission of personal customer data to China

Florida-based mobile device maker BLU has settled with the Federal Trade Commission (FTC) over charges it allowed a Chinese partner to collect detailed personal customer information from some of its devices without authorization or consent.

BLU smart phone

Experts Propose Standard for IoT Firmware Updates

Bleeping Computer reported that a new proposal submitted to the Internet Engineering Task Force (IETF) defines a secure framework for delivering firmware updates to Internet of Things (IoT) devices. Insecure software updates for embedded devices (aka ‘firmware’) have been a frequent source of security lapses on mobile and embedded devices like Internet connected webcams. Filed on October 30, the “IoT Firmware Update Architecture,” establishes security requirements for device makers to implement when designing firmware update mechanisms for connected devices. A familiar list of features The proposed rules include features that have long been recommended by security experts to permit safe handling of software updates. Among them the use of cryptographically signed updates and public key cryptography to provide end-to-end security and verify firmware images, as well as the ability to work with low-power and resource constrained IoT devices. Firmware has been the source of widespread security issues. For example, low-cost […]