Explosive growth in smart medical devices has created a new set of challenges for the healthcare industry. To adapt to these changes, health IT risk management experts are seeking new ways to better balance integrated services and security. While medical devices are regulated in many ways for functionality, with rules or laws put forth by regulatory agencies, these same regulators have fallen short when it comes to prescribing enforceable security standards that sufficiently address today’s interconnected healthcare systems—an issue made particularly complex by the lack of agreement over whether providers or device manufactures should bear the liability burden.
There are more U.S. breach notifications laws than Baskin Robbins ice cream flavors, and the inconsistency of these laws will continue to cause confusion and compliance challenges for companies throughout 2019. We will see an increase in fines levied and potential jail time for those who do not meet the expectation of these measures. States like California, Rhode Island, and Massachusetts have all been very aggressive in their enforcement of these laws, a trend likely to be closely followed throughout the next year. Many organisations struggle with the lack of clarity of breach disclosure definitions and expectations. States that create notification laws that include defined processes will help organisations be better prepared and compliant to disclosure strategies in the event of a breach. This will promote more strategic thought processes for recording and reporting incidents and will reinforce that it is no longer enough to quickly notify on a breach incident, they will also need to accurately identify the full impact of the event. Going forward, organisations will be expected to fully understand how widespread the attack was, how deeply the attacker penetrated, and how to set the right controls in place to prevent their return.”
Use of the cloud is now well established in many businesses. But that’s not to say that it isn’t still a fast moving sector of the industry. With greater competition than ever and the pace of innovation showing little sign of slowing down, we’ve put together some expert views on what might be in store for cloud users in 2019…Carolyn Crandall, chief deception officer and CMO at Attivo Networks also sees security challenges ahead. “Cloud will become an increased target in 2019 as adoption grows and attackers increasingly exploit weaknesses in shared security models. Cloud providers will protect the infrastructure platform with an increased awareness of hardware-based attacks, however the lack of understanding about…
Attivo Networks® today congratulates Carolyn Crandall, who holds a dual role as Chief Marketing Officer and Chief Deception Officer, for her recognition in the CEO Today USA Awards. The CEO Today magazine USA Awards honor companies pushing the envelope in business, and the executives that make progress possible. Annually, CEO Today magazine identifies and credits the most respected companies and their C-level executives who lead the way on a global stage. CEO Today’s research team draws on the views of thousands of stakeholders including investors, analysts, employees, and media professionals worldwide to compile its annual CEO Today USA. The CEO Today USA Awards celebrate the success, innovation and strategic vision of CEOs across a number of sectors and industries across the U.S.
How has the security of the Internet of Things evolved in recent years? TechBeacon last visited the topic in 2017 and found the picture to be troubling at best. Now, for the first time since 2014, OWASP has updated its own Top Ten list of IoT Vulnerabilities. While the present state of IoT security remains poor, a reading of the draft reveals some shifts in thinking about how to shore up IoT devices’ spotty security. For example, “weak, guessable, or hardcoded passwords” now top the list, replacing insecure web interfaces, which drop to No 3. Insecure networks also rank higher, now up a spot, to second on the list.
The internet of things is growing rapidly, and IoT-enabled devices are beginning to appear in all aspects of our lives. This not only impacts consumers, but also enterprises, as it is expected that over 50% of all organizations will have some form of IoT in operation in 2019. The number of IoT-connected devices has risen exponentially, and that growth shows no sign of slowing as Gartner forecasts that more than 20 billion internet-connected appliances and machines will be in use by 2020 — a number that, even now, has surpassed the world’s population. With more and more companies developing internet-enabled devices ranging from doorbells and security cameras to refrigerators and thermostats, it comes as little surprise that threat actors are discovering new vulnerabilities and developing new ways to exploit them.
Dealing with cyberattacks on a daily basis has become the reality for businesses today. However, few organisations take a proactive response. Instead, they are left to deal with the fallout after an attack happens and the financial and reputational damage to their business has already occurred. TechRadar Pro spoke with Attivo Networks’ Chief Deception Officer Carolyn Crandall who suggests that businesses adopt the long established military technique of ‘deception’ to help them gain an edge over cybercriminals.
We live in an increasingly interconnected world and have created an on-demand society that expects instant access to information along with the ability to conduct business at any place and at any time. New technologies that provider faster services and improved economics are seen within new cloud architectures and the Internet of Things (IoT) is growing at an unprecedented pace—so much so that IoT devices are now already outnumbering the human population and will likely be in the operations of over 50 percent of companies in 2019. It’s an exciting time from a consumer perspective, as well as from a tech industry perspective. But with innovation comes new challenges—particularly when it comes to security.
“IoT-enabled device innovation will continue to outpace the security built into those devices and Federal government regulation will continue to inadequately define the laws and fines required to affect change. State-level regulations will be enacted to improve the situation, but will likely fall short in impact, and in many cases, only result in a false sense of consumer confidence with respect to the security of these devices”—Carolyn Crandall, Chief Deception Officer, Attivo Networks.