Cybersecurity in manufacturing

OpenText Information Management

Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center. I … The post Cybersecurity in manufacturing appeared first on OpenText Blogs.

Tracking Cybersecurity Threats in Manufacturing

Data Breach Today

With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Medical Device Security: The Manufacturer's View

Data Breach Today

Michael McNeil of Philips on the Manufacturer's Role in Improving Device Cybersecurity Awareness of medical device security issues has grown dramatically over the past few years. But Michael McNeil of device manufacturer Philips argues that cybersecurity is still years behind where it should be, so stakeholders are playing catch-up

Cyberattack Hits Aircraft Parts Manufacturer

Dark Reading

Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. The U.S.

IoT 90

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

Bolstering the Cybersecurity of Medical Devices

Data Breach Today

As cybersecurity threats in the healthcare sector evolve, medical device manufacturer ICU Medical is taking a number of steps to help safeguard its products. Chaitanya Srinivasamurthy and Marshall Fryman of the company describe these security initiatives

FDA Calls for 'Cybersecurity Bill of Materials' for Devices

Data Breach Today

Food and Drug Administration Releases Draft of Updated Pre-Market Guidance for Medical Devices Before marketing their medical devices, manufacturers should prepare a "cybersecurity bill of materials" that lists components that could be susceptible to vulnerabilities, according to a draft of updated FDA premarket guidance.

Top cybersecurity Predictions for 2020

Security Affairs

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year.

Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift

Dark Reading

The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

” Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors.

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. In December 2019, the Medical Device Coordination Group (MDCG) published its guidance on cybersecurity for medical devices (the Guidance). The Guidance acknowledges that even though the Regulations impose legal obligations only on the manufacturer of the device, all other actors (e.g.,

FDA Proposes Action to Enhance Medical Device Cybersecurity

Data Breach Today

Agency Seeks Congressional Authority to Require Makers to Take Certain Steps The FDA has issued plans for advancing the safety of medical devices, including a proposal to impose new cybersecurity requirements on manufacturers. Some experts say the FDA's plans are a good move, given the current device risk environment, but they warn that some proposals could prove difficult to achieve

A CIO on Carrying the Burden of Medical Device Cybersecurity

Data Breach Today

A lack of standards spelling out to manufacturers their responsibilities for addressing the cybersecurity of their medical devices - especially legacy products - has left a big burden on the healthcare entities that use these devices, says Cletis Earle, CIO at Kaleida Health

Agreement on Proposal for Cybersecurity Act

Hunton Privacy

The European Commission (“Commission”), the European Parliament (“Parliament”) and the Council of the European Union reached an agreement earlier this month regarding changes to the Proposal for a Regulation on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology Cybersecurity Certification (the “Cybersecurity Act”). Cybersecurity certification framework.

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

A cybersecurity issue can cause unexpected costs in several different areas, which is the cost of Dealing with an attack in 4 Industries? A cybersecurity issue can cause unexpected costs in several different areas. And, the costs go up if the health care facility does not have a cybersecurity response plan to use after an attack gets identified. Manufacturing. The manufacturing industry was not always known to embrace connected technology, but that’s changing.

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. According to Cybersecurity Ventures, there will be 3.5

How To Solve The Cybersecurity Skills Shortage

Cyber Info Veritas

We’ve all read and heard somewhere about the cybersecurity skills shortage. For me, this brings up the question of how to solve the cybersecurity skills shortage. Solving the cybersecurity skills shortage should be no different.

Alerts: Vulnerabilities in 6 Medical Devices

Data Breach Today

DHS Warns of Security Issues in Devices from Baxter, BD and Biotronik Federal authorities are sounding the alarm about cybersecurity vulnerabilities in six medical devices from three manufacturers. The device makers are providing risk mitigation advice

NIST Updates Cybersecurity Framework

Data Matters

On April 17, the National Institute for Standards and Technology (NIST) released an updated version of its standard-setting Cybersecurity Framework. Commerce Secretary Wilbur Ross announced the new release with a statement saying the “Cybersecurity Framework should be every company’s first line of defense” and “adopting version 1.1 For example, the revised introduction notes that “similar to financial and reputational risks, cybersecurity risk affects a company’s bottom line.

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to enhance the security and resilience of Singapore’s Critical Information Infrastructure (CII) sectors in delivering essential services.

Why You Should Teach Yourself Cybersecurity

Cyber Info Veritas

The problem comes when you or anyone want to get a job or are looking to learn about Information Technology or Cybersecurity and face the frustration when competing out there with the Pros. Make sure you have your own cybersecurity lab in place.

The DHS Cybersecurity Strategy: Five Pillars of Cybersecurity Goals

Thales eSecurity

The recent DHS Cybersecurity Strategy was released at a crucial time when today’s cyberspace has become a new frontier for warfare for both nation states and criminal hackers. The DHS Cybersecurity Strategy is a well-thought-out framework with five pillars of cybersecurity goals to support critical infrastructure, government networks and non-government entities. All in all, the DHS Cybersecurity Strategy provides a solid framework for cybersecurity.

Lessons for In-House Counsel from Cybersecurity’s Front Lines

HL Chronicle of Data Protection

Recent developments reinforce the urgent need for general counsel and legal departments to deepen their focus on cybersecurity. Lessons for In-House Counsel from Cybersecurity’s Front Lines was written by members of the Hogan Lovells Privacy and Cybersecurity practice Peter M. In today’s environment, any organization can be the target of a cyberattack, regardless of industry, size, or geographic footprint.

Privacy and Cybersecurity September 2019 Events

HL Chronicle of Data Protection

Paul Otto will speak on cybersecurity & patient safety at the Medical Device Manufacturers Association’s 12th Annual Medical Technology Executive Forum. The Hogan Lovells Privacy and Cybersecurity KnowledgeShare will share the latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. News & Events autonomous vehicles CCPA cybersecurity GDPR medical devices patient data privacy

Shortages of talent, training haunt cybersecurity efforts

Information Management Resources

Manufacturers face serious cyber security concerns, but they continue to struggle with finding skilled professionals and might be underspending on security training. Data security Cyber security Cyber attacks

Medtronic Cardiac Devices Recalled Due to Cyber Concerns

Data Breach Today

FDA Announces 'Voluntary Recall' Related to Vulnerabilities The FDA has announced a "voluntary recall" by Medtronic of certain internet-connected programmers for implantable cardiac devices due to cybersecurity vulnerabilities.

EUROPE: EU MDGC issues new guidance on Cybersecurity for medical devices

DLA Piper Privacy Matters

They also highlight the responsibility of the various parties involved in, for example, integration of systems or devices, and of the operators of such devices, and the need to continuously review security measures to ensure that appropriate cybersecurity measures are in place at all times.

2018 Predictions – Rise of IoT adoption will increase cybersecurity attacks

Thales eSecurity

With 2018 approaching, I have been thinking about what will happen in the cybersecurity landscape and would like to make some predictions for the year ahead. First, John Grimm, our Senior Director of Security Strategy writes, “As we look at the IoT, especially at OT-type environments and manufacturing plants, where there are industrial-type systems that are all connected, we’re starting to see how the operational world and the traditional IT world will come together.

IoT 75

Securing the International IoT Supply Chain

Schneier on Security

consumers generally requires that IoT manufacturers sell through a U.S. cybersecurity agencies. That would put pressure on manufacturers to make sure their products are compliant with the standards set out in this security framework, including pressuring their component vendors and original device manufacturers to make sure they supply parts that meet the recognized security framework. academicpapers cybersecurity hardware internetofthings securitypolicies supplychai

IoT 70

California Passes First-Of-Its-Kind Law Focused on Internet of Things Cybersecurity

HL Chronicle of Data Protection

Late last month, California Governor Jerry Brown signed the first US Internet of Things (IoT) cybersecurity legislation: Senate Bill 327 and Assembly Bill 1906. Consumer Privacy California connected devices consumer cybersecurity Internet of Things IoT legislation new law

Philips, BD Yet Again Issue Medical Device Security Alerts

Data Breach Today

Experts Say Companies Offer Good Examples of Transparency Philips and Becton Dickinson have each issued multiple alerts this year regarding cybersecurity flaws in some of their medical devices.

Proposed Changes to FDA Guidance for the Content of Premarket Submissions for Management of Cybersecurity in Medical Devices: What you Should Know

HL Chronicle of Data Protection

October is National Cybersecurity Awareness Month and the Food and Drug Administration (FDA or the agency) has been busy. This alert explains the following: what is changing with the premarket cybersecurity guidance. Key updates to FDA’s premarket cybersecurity guidance.

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The new law addresses the security obligations of “manufacturers” of connected devices.

Huawei Security Shortcomings Cited by British Intelligence

Data Breach Today

More 'Defects' Found in Software Engineering and Cybersecurity Processes Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).

Pentagon Buys Equipment With Known Vulnerabilities: Audit

Data Breach Today

Report Also Highlights Cybersecurity Concerns About Use of Equipment Made in China The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China

HHS Announces New Health Sector Cybersecurity Coordination Center

Privacy and Cybersecurity Law

Department of Health and Human Services (HHS) Eric Hargan announced the official opening of the Health Sector Cybersecurity Coordination Center (HC3). HC3 replaces the Healthcare Cybersecurity and Communications Integration Center (HCCIC), which was announced in April 2017.

Testing Medical Device Security During COVID-19 Crisis

Data Breach Today

As manufacturers - including companies such as automakers that do not typically produce healthcare devices - race to help fill medical equipment shortages during the COVID-19 crisis, steps must be taken to ensure adequate security testing, says Fairuz Rafique of cybersecurity services firm EmberSec

Webinar on the SAFETY Act and Cybersecurity: Protecting Your Reputation and Reducing Liability Risk

Hunton Privacy

In 2002, Congress enacted the Supporting Anti-Terrorism by Fostering Effective Technologies Act (“the SAFETY Act”) to limit the liabilities that energy, financial, manufacturing and other critical infrastructure companies face in the event of a serious cyber or physical security attack. Hunton Andrews Kurth LLP recently represented an electric utility in obtaining a first-of-its-kind enterprise-wide SAFETY Act Certification for its cybersecurity risk management program.