Medical device manufacturers should consider cybersecurity risks as part of the design and development of their products and submit documentation to the Food and Drug Administration about the risks identified and controls in place to mitigate those risks, says a final recommendation from the agency.
A recent review of three health insurance exchanges identified a variety of information security vulnerabilities ranging from unauthorized database access to poor information storage practices.
Federal regulatory agencies are taking on a greater advisory role in helping critical infrastructure and financial services companies apply the National Institute of Standards and Technology's cybersecurity framework and reduce their cyber risks, several experts recently said.
While the Consumer Financial Protection Bureau has taken steps to protect its large-scale data collection, ranging from credit card accounts to payday loans, it still needs to implement several more processes and practices to enhance privacy and information security, congressional investigators said.
Data localization and "technological sovereignty" movements have gathered strength in Europe and South America since the National Security Agency's surveillance programs became public knowledge. But it's a knee-jerk reaction to require that data reside within a country's borders and it doesn't necessarily ensure security or privacy, said Internet governance experts at a Sept. 19 New America Foundation event.
Some security and privacy weaknesses that were part of healthcare.gov's initial deployment remain unresolved, finds the Government Accountability Office. While the Center for Medicare and Medicaid Services has addressed some of the issues with the site, it hasn't fully mitigated all of them, says the watchdog.
The National Institute of Standards and Technology is awarding almost $3 million in its third round of grants to pilot real-world implementation of the White House's National Strategy for Trusted Identities in Cyberspace, or NSTIC.
The National Security Agency surveillance charges brought by Edward Snowden have not negatively affected relationships with foreign counterparts, said NSA Director Adm. Michael Rogers. The corporate sector, nation states and foreign intelligence counterparts have not fundamentally walked away from the NSA, he added.
In one year alone, hackers working for the Chinese government penetrated computer networks of U.S. Transportation Command contractors at least 20 times, the Senate Armed Services Committee revealed Sept. 17 after a year-long investigation.
It's unlikely that Congress will have time to address cybersecurity legislation as the end of the fiscal year rapidly approaches, according to former National Security Agency Director and retired Air Force Gen. Michael Hayden.