US Department of Homeland Security
See the following -
A Bureaucratic Mess Leads to Shutdown of HHS Cybersecurity Center
In May 2017, the Department of Health and Human Services decided to stand up its own version of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center in order to address the increasing cybersecurity risks to the health care sector. But creating the Health Cybersecurity and Communications Integration Center, or HCCIC, was the easy part. Soon after, the newfound center landed in the spotlight, sparking agency and industry drama about the role and scope of HHS authorities in information sharing.
- Login to post comments
On the Lack of Cyber Security of Medical Devices
Two weeks ago the U.S. Food and Drug Administration advised hospitals not to use Hospira's Symbiq infusion system, concluding that a security vulnerability enables hackers to take remote control of the system. The agency issued the advisory some 10 days after the U.S. Department of Homeland Security warned of the vulnerability in the pump. My view is that this will be the first of many advisories. For years, manufacturers of medical devices depended on the “kindness of strangers” assuming that devices would never be targeted by bad actors. EKG machines, IV pumps, and radiology workstations are all computers, often running un-patched old operating systems, ancient Java virtual machines, and old web servers that no one should currently have deployed in production.
- Login to post comments