Cybersecurity in manufacturing

OpenText Information Management

Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center. I … The post Cybersecurity in manufacturing appeared first on OpenText Blogs.

Tracking Cybersecurity Threats in Manufacturing

Data Breach Today

With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Medical Device Security: The Manufacturer's View

Data Breach Today

Michael McNeil of Philips on the Manufacturer's Role in Improving Device Cybersecurity Awareness of medical device security issues has grown dramatically over the past few years. But Michael McNeil of device manufacturer Philips argues that cybersecurity is still years behind where it should be, so stakeholders are playing catch-up

Cyberattack Hits Aircraft Parts Manufacturer

Dark Reading

Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. The U.S.

IoT 104

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. ” The rail vehicle manufacturer is investigating the incident with the help of external security experts. “The IT network of the rail vehicle manufacturer Stadler has been attacked with malware.”

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers

FDA Calls for 'Cybersecurity Bill of Materials' for Devices

Data Breach Today

Food and Drug Administration Releases Draft of Updated Pre-Market Guidance for Medical Devices Before marketing their medical devices, manufacturers should prepare a "cybersecurity bill of materials" that lists components that could be susceptible to vulnerabilities, according to a draft of updated FDA premarket guidance

Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift

Dark Reading

The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves

Top cybersecurity Predictions for 2020

Security Affairs

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year. Although the device vendors are implementing new security features in their systems, a lot of them from many manufacturers still do not implement security-by-design, making these systems easy to hack.

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

IoT devices are exposed to cybersecurity vulnerabilities. However, if you know where the dangers lurk, there is a way to minimize the cybersecurity risks. Here are five significant cybersecurity vulnerabilities with IoT in 2020. The Flaws in Manufacturing Process.

IoT 94

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”).

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. In December 2019, the Medical Device Coordination Group (MDCG) published its guidance on cybersecurity for medical devices (the Guidance). The Guidance acknowledges that even though the Regulations impose legal obligations only on the manufacturer of the device, all other actors (e.g.,

FDA Proposes Action to Enhance Medical Device Cybersecurity

Data Breach Today

Agency Seeks Congressional Authority to Require Makers to Take Certain Steps The FDA has issued plans for advancing the safety of medical devices, including a proposal to impose new cybersecurity requirements on manufacturers. Some experts say the FDA's plans are a good move, given the current device risk environment, but they warn that some proposals could prove difficult to achieve

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

” Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors. “If you want [the cybersecurity industry’s] help against certain targets, you have to tell us who they are ahead of time.

A CIO on Carrying the Burden of Medical Device Cybersecurity

Data Breach Today

A lack of standards spelling out to manufacturers their responsibilities for addressing the cybersecurity of their medical devices - especially legacy products - has left a big burden on the healthcare entities that use these devices, says Cletis Earle, CIO at Kaleida Health

Agreement on Proposal for Cybersecurity Act

Hunton Privacy

The European Commission (“Commission”), the European Parliament (“Parliament”) and the Council of the European Union reached an agreement earlier this month regarding changes to the Proposal for a Regulation on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology Cybersecurity Certification (the “Cybersecurity Act”). Cybersecurity certification framework.

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

A cybersecurity issue can cause unexpected costs in several different areas, which is the cost of Dealing with an attack in 4 Industries? A cybersecurity issue can cause unexpected costs in several different areas. And, the costs go up if the health care facility does not have a cybersecurity response plan to use after an attack gets identified. Manufacturing. The manufacturing industry was not always known to embrace connected technology, but that’s changing.

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. According to Cybersecurity Ventures, there will be 3.5

NIST Updates Cybersecurity Framework

Data Matters

On April 17, the National Institute for Standards and Technology (NIST) released an updated version of its standard-setting Cybersecurity Framework. Commerce Secretary Wilbur Ross announced the new release with a statement saying the “Cybersecurity Framework should be every company’s first line of defense” and “adopting version 1.1 For example, the revised introduction notes that “similar to financial and reputational risks, cybersecurity risk affects a company’s bottom line.

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to enhance the security and resilience of Singapore’s Critical Information Infrastructure (CII) sectors in delivering essential services.

Alerts: Vulnerabilities in 6 Medical Devices

Data Breach Today

DHS Warns of Security Issues in Devices from Baxter, BD and Biotronik Federal authorities are sounding the alarm about cybersecurity vulnerabilities in six medical devices from three manufacturers. The device makers are providing risk mitigation advice

How To Solve The Cybersecurity Skills Shortage

Cyber Info Veritas

We’ve all read and heard somewhere about the cybersecurity skills shortage. For me, this brings up the question of how to solve the cybersecurity skills shortage. Solving the cybersecurity skills shortage should be no different. Changing the framework These are the ways that I’m proposing here on how we can close the gap on this cybersecurity skills shortage, which worked for me. There wouldn’t be a cybersecurity specialist without understanding these IT basics.

The DHS Cybersecurity Strategy: Five Pillars of Cybersecurity Goals

Thales eSecurity

The recent DHS Cybersecurity Strategy was released at a crucial time when today’s cyberspace has become a new frontier for warfare for both nation states and criminal hackers. The DHS Cybersecurity Strategy is a well-thought-out framework with five pillars of cybersecurity goals to support critical infrastructure, government networks and non-government entities. All in all, the DHS Cybersecurity Strategy provides a solid framework for cybersecurity.

Lessons for In-House Counsel from Cybersecurity’s Front Lines

HL Chronicle of Data Protection

Recent developments reinforce the urgent need for general counsel and legal departments to deepen their focus on cybersecurity. Lessons for In-House Counsel from Cybersecurity’s Front Lines was written by members of the Hogan Lovells Privacy and Cybersecurity practice Peter M. In today’s environment, any organization can be the target of a cyberattack, regardless of industry, size, or geographic footprint.

Why You Should Teach Yourself Cybersecurity

Cyber Info Veritas

The problem comes when you or anyone want to get a job or are looking to learn about Information Technology or Cybersecurity and face the frustration when competing out there with the Pros. In highly regulated companies, such as Pharmaceuticals, their manufacturing processes are bound to procedures which are audited periodically. This is only one of many reasons why you should teach yourself about cybersecurity or any information technology related subject.

Privacy and Cybersecurity September 2019 Events

HL Chronicle of Data Protection

Paul Otto will speak on cybersecurity & patient safety at the Medical Device Manufacturers Association’s 12th Annual Medical Technology Executive Forum. The Hogan Lovells Privacy and Cybersecurity KnowledgeShare will share the latest thinking on the key privacy and cybersecurity issues faced by those with data protection responsibilities within organisations. News & Events autonomous vehicles CCPA cybersecurity GDPR medical devices patient data privacy

Shortages of talent, training haunt cybersecurity efforts

Information Management Resources

Manufacturers face serious cyber security concerns, but they continue to struggle with finding skilled professionals and might be underspending on security training. Data security Cyber security Cyber attacks

2018 Predictions – Rise of IoT adoption will increase cybersecurity attacks

Thales eSecurity

With 2018 approaching, I have been thinking about what will happen in the cybersecurity landscape and would like to make some predictions for the year ahead. First, John Grimm, our Senior Director of Security Strategy writes, “As we look at the IoT, especially at OT-type environments and manufacturing plants, where there are industrial-type systems that are all connected, we’re starting to see how the operational world and the traditional IT world will come together.

IoT 75

Huawei Security Shortcomings Cited by British Intelligence

Data Breach Today

More 'Defects' Found in Software Engineering and Cybersecurity Processes Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).

Medtronic Cardiac Devices Recalled Due to Cyber Concerns

Data Breach Today

FDA Announces 'Voluntary Recall' Related to Vulnerabilities The FDA has announced a "voluntary recall" by Medtronic of certain internet-connected programmers for implantable cardiac devices due to cybersecurity vulnerabilities. Some security experts are hopeful that this will serve as a wake-up call for more manufacturers to take action on addressing cybersecurity issues

Pentagon Buys Equipment With Known Vulnerabilities: Audit

Data Breach Today

Report Also Highlights Cybersecurity Concerns About Use of Equipment Made in China The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China

Webinar on the SAFETY Act and Cybersecurity: Protecting Your Reputation and Reducing Liability Risk

Hunton Privacy

In 2002, Congress enacted the Supporting Anti-Terrorism by Fostering Effective Technologies Act (“the SAFETY Act”) to limit the liabilities that energy, financial, manufacturing and other critical infrastructure companies face in the event of a serious cyber or physical security attack. Hunton Andrews Kurth LLP recently represented an electric utility in obtaining a first-of-its-kind enterprise-wide SAFETY Act Certification for its cybersecurity risk management program.

Treating cybersecurity like workplace safety

CGI

Treating cybersecurity like workplace safety. When I worked with a major global chemical manufacturer, every meeting began with a PowerPoint presentation on safety, highlighting the importance of the topic. Cybersecurity is critical to digital transformation, but, more importantly, it must be part of a culture change throughout a government organization. Tips to prioritize cybersecurity. premanath.puch…. Fri, 07/06/2018 - 00:40.

EUROPE: EU MDGC issues new guidance on Cybersecurity for medical devices

DLA Piper Privacy Matters

On 7 January 2020, the EU Medical Device Coordination Group published new guidance to help manufacturers fulfil all relevant cybersecurity requirements in Annex I to the new Medical Device Regulations (Regulations 2017/745 on medical devices and 2017/746 on in vitro diagnostic medical devices) (the Guidelines).

Treating cybersecurity like workplace safety

CGI

Treating cybersecurity like workplace safety. When I worked with a major global chemical manufacturer, every meeting began with a PowerPoint presentation on safety, highlighting the importance of the topic. Cybersecurity is critical to digital transformation, but, more importantly, it must be part of a culture change throughout a government organization. Tips to prioritize cybersecurity. pallavi.m@cgi.com. Tue, 05/15/2018 - 04:16.

Why Cybersecurity Will Save the Internet of Things

AIIM

In this article, we will explain why cybersecurity will save IoT and let us progress well into the future with greatly reduced hazard. It is the ability of your car to keep in constant communication with the manufacturer to report any problems it may be suffering that cannot be seen. Cybersecurity prevents massive hacking attempts from upending our lives or destroying businesses haphazardly and with little regard for its implications.

IoT 43

Treating cybersecurity like workplace safety

CGI

Treating cybersecurity like workplace safety. When I worked with a major global chemical manufacturer, every meeting began with a PowerPoint presentation on safety, highlighting the importance of the topic. Cybersecurity is critical to digital transformation, but, more importantly, it must be part of a culture change throughout a government organization. Tips to prioritize cybersecurity. pallavi.m@cgi.com. Thu, 04/19/2018 - 02:18.

Health Sector Council Released Cybersecurity Recommendations for Medical Devices and Health IT

Data Matters

On January 28, 2019, the Healthcare and Public Health Sector Coordinating Council released the “ Medical Device and Health IT Joint Security Plan ” (“JSP” or “Plan”)—cybersecurity recommendations for medical device manufacturers, healthcare information technology vendors, and healthcare providers. The JSP also recommends a cybersecurity management plan to track “how cybersecurity will be managed throughout the product lifecycle.”