Last week medical device maker St. Jude Medical provided security patches and guidelines necessary regarding vulnerabilities in its Internet connected medical devices that were uncovered this summer. You can read the original report from investment research firm Muddy Waters Research here.
All about Virtualization and Cloud Security | Recent Articles:
Let’s face it, when it comes to cybersecurity, 2016 was quite a fascinating year. And while we experienced the traditional breaches this year—data theft for fraud, identity theft, and financial gain—many of the most significant breaches this year were not financially motivated, but political or activist in nature.
The U.S. Government has taken steps it hopes will better protect the users of medical devices, such as pacemakers and insulin pumps, from cyberattacks. For years now the risks of connected medical devices have been demonstrated and well-known. It’s an area we’ve covered here for some time.
There are many reasons why an enterprise may want to implement a bug bounty program. Most notably is that no matter how good an organization’s software testing is, how proficiently developers code security, or how thorough an organization’s software security assessments– there will always be flaws. These flaws make it possible for attackers to exploit security vulnerabilities and bypass security defenses.
Predictions are never easy, and they are seldom right or very useful: but they are always fun. And as the holiday season is upon us and the New Year approaches so does the time of year reflection and, you guessed it: cybersecurity predictions.
When the topic of IoT security comes up, it’s often considered a consumer security issue – fancy controllable houselights, baby monitors, home security systems, and anything else that can be networked. That’s a mistake and IoT devices are certainly marching onto the enterprise. Earlier this week Zscaler published results that took a look at IoT security, and they found a number of enterprise devices were comprised, as well as a number of other startling results.
There’s no doubt that enterprise environments are growing more complex by the day. Just consider the fluid nature of cloud computing and virtualization, the increase in the number of workloads, applications, and types of applications, coupled with the fact that they are distributed among on-premises and various types of cloud, and the explosion of mobile and accelerated adoption of IoT in recent years.
Most every business that is embracing DevOps methodologies is also deploying containers – or thinking about deploying containers. Currently, according to this story in Betanews, there are more than 100 products that currently use containers in agile development and they represent $1.7 billion in venture funding. “Eighty-eight percent of enterprises say they're shifting to a DevOps strategy, and containers are changing the nature of DevOps and transforming infrastructure,” Betanews reports.
It’s absolutely true that, more often than not, security is a barrier to getting things done. Whether it’s a forgotten password, waiting for resources to be provisioned, or a risk-based decision that requires a new initiative to be delayed because potential risks are too high without some additional mitigation. However, when approached correctly and with some forethought, it doesn’t have to be this way.
As enterprises increasingly embrace cloud computing and cloud services, they must also adjust their cybersecurity spending to reflect the new reality of how they’re using (or not using) their data centers and business-technology systems. The fact that there is a shift in security spending because of so-called digital transformation efforts was made clear in the recently released Global State of Information Security Survey (GSISS) 2017 -- a worldwide study conducted by PwC, as well as CIO and CSO magazines.
Attacks on cloud systems and infrastructure are costly. Consider the recent massive distributed denial of service attack aimed at the Internet infrastructure company Dyn. The attack dragged down Amazon, Netflix, Reddit, Spotify, Tumblr, Twitter and others. The network congestion was largely made possible by compromised IoT devices including video cameras and digital video recorders.