Topics
Industry
Events
Podcasts
Research
Recognition
Leadership
Business Security WeeklySubscribe
IOT, Careers, Leadership, Endpoint Security, Endpoint Security

BSW #210

March 22, 2021
Section 0



How to incorporate security into your existing medical device development process, What artifacts need to be created, & Security activities that are new. Visit https://www.securityweekly.com/bsw for all the latest episodes!

Full Episode Show Notes

Medical Device Secure Development Lifecycle

Guests

Christopher Gates

Christopher Gates – Director of Product Security at Velentium

Christopher is Velentium’s Director of Product Security, overseeing the company’s Cybersecurity division. Christopher has worked for over 40 years developing medical devices, the last 12 of which have been dedicated to device cybersecurity.

Christopher describes himself as a prophet who evangelizes the benefits of a secure development lifecycle, not only to increase a device’s security but also to ease the burden of the developer and ensure the high-quality outcome of the product itself. Christopher is on a five year mission to raise the level of cybersecurity in the medical device industry, this started with the first and only book published about Medical Device Cybersecurity and is continuing with certified training in embedded cybersecurity for medical device manufacturers.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jason Albuquerque

Jason Albuquerque – CIO & CSO at Carousel Industries

@Jay_Albuquerque

Jason Albuquerque is the CIO & CSO at Carousel Industries

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Our next live webcast will be on April 29th at 11am ET where you will learn how to prepare for modern ransomware attacks! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Audio

Section 1



In the Leadership and Communication Segment, 5 Reasons Why Cybersecurity Should Be A Priority While Planning Your Business, 3 Key Tasks That Help Me Work Way Less and Accomplish More, Everything You Need to Know About Dictionary Attacks, Is Misinformation Slowing SASE Adoption, & more! Visit https://www.securityweekly.com/bsw for all the latest episodes!

Full Episode Show Notes

Dictionary Attacks, SASE Misinformation, & 3 Key Tasks

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jason Albuquerque

Jason Albuquerque – CIO & CSO at Carousel Industries

@Jay_Albuquerque

Jason Albuquerque is the CIO & CSO at Carousel Industries

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Audio

Related

Patch management
7 vulnerabilities patched in Axeda IIoT remote management tool, popular in medical sector

Joe UchillMarch 8, 2022

PTC sunset Axeda in 2019, but the industrial IoT remote monitoring and management agent is still in use in several systems. Based on Forescout telemetry, it is particularly popular in active use within the medical sector, particularly lab testing and imaging.

IOT
Healthcare sector saw largest increase in IoT malware attacks in 2021

Jessica DavisFebruary 17, 2022

SonicWall Cyber Threat report shows the rate of IoT malware attacks are heaviest against the healthcare sector, spotlighting the continued pressure on critical infrastructure.

IOT
More than 100 tech companies, cyber organizations rally around 5 baseline security standards for IoT devices

Derek B. JohnsonFebruary 17, 2022

The organizations – ranging from private companies like Google, Microsoft and Deloitte to non-profits like Consumer Reports, the Center for Internet Security, and the Cyber Threat Alliance – say there is a “global consensus” forming around core IoT security standards that must be addressed through a mix of government regulation and voluntary private sector action.

prestitial ad

About Us
SC MediaCyberRisk AllianceContact UsCareersPrivacy
Get Involved
SubscribeContribute/SpeakAttend an eventJoin a peer groupPartner With Us
Explore
Product reviewsResearchWhite papersWebcastsPodcasts

Copyright © 2022 CyberRisk Alliance, LLC All Rights Reserved This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.

Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms & Conditions.