FDA Begins Process to Change Patching of Medical Devices The Food and Drug administration is beginning to understand that their 19th century strategy that requires manufacturers to recertify their products every time they apply a patch only leads to the devices being hacked – which they are being, regularly. They have also asked Congress for […]
Continue reading → [DISPLAY_ACURAX_ICONS]For those of you who have been reading my blog for some time, you know that I have written about the software supply chain security problem. In a nutshell, the problem is that programmers rarely write code from zero anymore. Instead teams write pieces of code and integrate it. Then there is limited testing due […]
Continue reading → [DISPLAY_ACURAX_ICONS]There is a term in the cyber security world called dwell time. Dwell time is the amount of time between the time an attacker breaks in and the good guys figure that out. In 2011 the average dwell time was over 400 days. According to a just released Mandiant report, that number is now only […]
Continue reading → [DISPLAY_ACURAX_ICONS]Google has a interesting strategy. Build prototypes of products. Show them or leak them. See if anyone cares. Kill them if it doesn’t work out – there are lots of examples. After many users are already using them. One other thing that they do is attempt to lock users into the Google ecosystem. Of course. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Equifax Fallout Proxy adviser Institutional Shareholder Services is recommending against re-electing 5 directors who sat on the audit and technology committees prior to the recent breach. Equifax says that the breach will cost them an estimated $439 million through the end of this year and the company is facing hundreds of lawsuits. The company has […]
Continue reading → [DISPLAY_ACURAX_ICONS]Way back in the dark ages of 2013 the PCI Security Standards Council (PCI SSC) released a document regarding processing credit cards in the cloud. It was 52 pages. This month the PCI SSC released a new version of that same document. It is now 83 pages. This version seems to better understand the risk […]
Continue reading → [DISPLAY_ACURAX_ICONS]