It's been an amazingly busy year for medical device security. In 2015, the average hospital had not heard of ransomware. (We warned of the hospital malware onslaught in 2012!) In 2016, the hospital C-suites began asking us, "Could that happen here??" after neighboring health systems were taken offline for days by malware. Duh, yes. The important question is how will you ensure that hospital operations continue to remain available to deliver patient care despite legacy capital equipment, cybersecurity risks, and the shifting threat landscape.
This blog post is about the long awaited fact sheet from HHS Office of Civil Rights (OCR) on ransomware, and why you should take this one seriously in terms of having an accurate inventory of networked medical devices to reduce the probability of enjoying the pleasure of reporting a breach to OCR.
Last week, the Food and Drug Adminstration (FDA) closed the public comment period on the draft guidelines for Postmarket Management of Cybersecurity in Medical Devices.
Recently we've been fielding a lot of questions about internships at Virta Labs ('tis the season), and we wanted to share some answers to the questions we hear most often. We're always happy to hear from prospective candidates. tl;dr: get in touch if you're amazing and you want to take ownership of a meaningful project during an internship.
Also, keep your eyes peeled in the coming days for an interview with hacker extraordinaire and current intern Jessica Wilson.