In this edition of the ISMG Security Report, former federal CISO Gregory Touhill explains why a zero-trust security model is essential, and Ron Ross of NIST describes initiatives to protect critical infrastructure from IoT vulnerabilities.
In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology.
Healthcare entities need to take a number of important steps to defend against cyberattacks involving remote access, say Chad Waters and Juuso Leinonen, security engineers at the ECRI Institute, which recently singled out hackers remotely accessing medical devices and systems as the No. 1 technology hazard.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
The lack of standardization is one of the significant challenges when securing OT environments. Customizing and aligning OT security with the business is key, says Uday Deshpande, CISO at Mumbai-based L&T Group.
What's the outlook for moving from awareness to action when it comes to medical device cybersecurity? Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, offers an assessment.
Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights.
The FDA's recently issued draft document updating its premarket medical device cybersecurity guidance originally issued in 2014 contains several important provisions, says regulatory attorney Yarmela Pavlovic, who explains the details.
Manufacturers need to change their approach to securing internet of things devices, says Aloysius Cheang, executive vice president for Asia Pacific at the Center for Strategic Cyberspace + Security Science, a U.K.-based think tank, who describes what needs to be done.
As the pace of technology innovation continues to quicken - including the ability to make payments via everything from Alexa to Facebook Messenger - risk-based security is imperative to maintain a frictionless customer experience, says Tim Ayling of Kaspersky Lab.
The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report. But since that audit was conducted, the FDA has been aggressively ramping up its activities around device cybersecurity.