Healthcare, IoT, ICS, Product, & Enterprise. Salt Water boating, cancer research, Sourdough OG. He/Him

https://twitter.com/awpiii
https://www.facebook.com/awpiii
https://www.linkedin.com/in/awpiii/

A group of 20-somethings with names like "Big Balls" gain unauthorized access to your servers, delete data, take your website down, and now you can't serve your customers and your organization goes belly up unless you pay money to a mafia boss.

Sounds a lot like ransomware, doesn't it? When your government starts imitating ransomware playbooks, it's a four-alarm fire. At least in theory one can negotiate with ransomware actors.

Back when you could actually see data...
And in other news... Thursday morning #sourdough

So... My InfoSec email news distro has gotten out of hand (has for more than a few years now). Any good lists / sources that folks have liked and received value? I'm doing a mass unsubscribe over the next few weeks to clear the noise, and will be starting over. Looking to primarily focus on the Healthcare IT / Medical device space, but still see some value in the traditional IT Security space, too.

Maybe.

Not Even Malort Is Safe From Pumpkin Spice

Perhaps Mayor Brandon Johnson, who refrained from drinking malört in an interview with Jon Lovett, will sample the spiced concoction when it arrives on October 3

Eater Chicago

"Starting Oct. 1, significant changes are going into effect for medical device manufacturers—and medical device cybersecurity experts have mixed opinions on whether device makers are ready for the change.

The FDA's "Refuse to Accept" policy relates to the FDA's review of medical devices and their premarket submission notification, known as the 510(k) submission process (named after the submission form). Under the new Refuse to Accept policy, the FDA will automatically begin rejecting premarket medical device submissions if they fail to meet the FDA's expected description of device security measures, including security controls, handling vulnerability disclosure with security researchers, and a software bill of materials (SBOM).

The new FDA regulatory powers behind the policy came from legislation signed into law in December that gave the FDA more substantial authority over what the agency can require from device makers as they work to get regulatory approval to bring their devices to market."

https://nexusconnect.io/articles/fdas-refuse-to-accept-policy-is-here

FDA's Refuse to Accept Policy is Here

The FDA's Refuse to Accept policy mandates that medical device manufacturers submit premarket their plans for postmarket vulnerability management, including regular patching, and submit a software bill of materials (SBOM).

Nexus

PLEASE SHARE ESP TO UNDERREPRESENTED WOMEN LOOKING FOR INFOSEC JOBS: We at Red Queen Dynamics are proud to bring you the Infosec.Exchange State Of The Instance webinar on August 3rd at 11AM Pacific.

Join me, @jerry, Mari Galloway, and Talya Parker to talk about opportunities for underrepresented women in cybersecurity startups after the Twittersplosion removed all our weak social ties. How do we find job postings now that we've all gone to different places? There will be some *very frank opinions* shared.

Get jobs! Talk to Jerry about how I.E. is working to increase the voice of underrepresented women on this platform! Learn from Mari and @TalyaParker about how best to reach to communities respectfully to provide job postings!

Learn more and sign up here: https://redqueendynamics.com/en/blog/infosec.exchanges-state-of-the-instance-navigating-startup-hiring-in-the-post-twitter-world

Red Queen Dynamics presents Infosec.Exchange's State of the Instance

Post advertising webinar for startup hiring

Racists and Bigots yet again being enabled to hide behind the Constitution. The court-aided rise of Christofascism continues.

For some reason – a small part of my brain was prompted to think about this today. Fifteen years ago, this past week, I finished up my first and only stint ever as a sitting juror (and foreman). Six weeks in the jury box for one trial.

For any of you True Crime aficionados: (standard True Crime Trigger Warnings apply here, btw)
https://www.nbc.com/snapped/video/a-look-at-the-chilling-story-of-sheila-labarre/OXYN476421609 , https://www.amazon.com/Sheila-LaBarre-The-Peeler/dp/B09RMWG8FD , and https://www.amazon.com/Wicked-Intentions-Sheila-LaBarre-Murders/dp/0882823418 .

Watch Snapped Sneak Peek: A Look at the Chilling Story of Sheila LaBarre - NBC.com

Watch Snapped sneak peek 'A Look at the Chilling Story of Sheila LaBarre' on NBC.com

NBC

So - I get "invited" to this $Vendor-led roundtable this afternoon (shortly) to talk about "The State of Data Security"... Should I play nice and keep my mouth shut, or should I really give them my 30+ year in the industry opinion as to why $Vendor-led roundtables are the cause of many of our problems?