Medical IoT devices operate in care facility environments that encompass care giving, case management, customer service, and clinic management. As such, the risk of data gathered and managed by medical devices extends beyond the device itself. A compromise of clinic management services can propagate to IoT device command and control, allowing compromise of devices in attacks that do not directly touch the device at all. This is clearly the major driver for the emerging category of “Medical IoT (IoMT) Cyber Security ”

A large hospital for examples could be home to as many as 85,000 connected devices. While each of these devices has a significant role in the delivery of care and operational efficiency, each connected device also opens the door to a malicious cyberattack. A recent report from Irdeto,  found that 82 percent of healthcare organizations’ IoT devices have been targeted with a cyberattack within the last year.

Going over the players in this industry, it is clear that the Medical IoT security category includes a number of different approaches with the common target to provide the customer with a clear assets discovery and timely alerting on security breaches and attacks on its Medical environment.

Although many large security players are addressing this niche too, CyberDB identified a number of emerging players that are focusing on this industry and as such we expect them to benefit from the growth in this market. These players are (in alphabetical order):

Continue reading

While it may be true that nobody can predict the future, when it comes to cybersecurity you can give it a good go. By looking at the security developments that we have witnessed over the past few years, it is perfectly possible to forecast what is likely to happen in the near future.

Plus, with 2020 just around the corner, now is the time to do exactly that. Staying ahead of the game and doing all you can to avoid the risk of a cyber-attack is vital; and what better way is there to do just that than by preparing yourself in advance.

From the rise of 5G to the implementation of AI, here are five cybersecurity predictions for the coming year.

Continue reading

Despite its negative connotations, the Dark Web is nothing to be afraid of. Few know that the Dark Web was actually thought out as a means of preserving privacy and security. However, this also enabled it to become a breeding ground for illegal activity.

There are certainly things to be distrustful of when navigating the Dark Web, and before venturing into it head-first, you should understand certain things about it.

What is the Dark Web?

The first thing you need to know is that there is no actual database for the Dark Web. Instead, there are only what are known as “peer to peer connections”, which means that the data you are accessing is not stored in just one place.

Instead, it is found on thousands of different computers that are part of the network, so that no one can actually identify where the information is coming from. You can upload to the network, but when downloading, there is no telling where you’re getting the data from.

Continue reading

Businesses need to take their cyber security seriously. There are huge financial implications for being hacked, not just from the perspective of lost revenue and weakened reputation, but also in the form of stricter regulations from laws such as the General Data Protection Regulation (GDPR). However, there are a number of myths about cyber security that make it difficult for companies to know what the best course of action is. Here are four myths about cyber security that are still affecting British businesses.

Myth #1: Cyber security is purely dealt with by the IT department

One commonly held myth that can actually put businesses at risk is the idea that cyber security is something that the IT department (and only the IT department needs to be concerned about). Of course, it is necessary to provide your IT team with the budget and resources to defend your business against the risk of a cyber-attack.

Continue reading

Virtual Cybersecurity Labs

Cybercrime affecting businesses has become so widespread that IT and network security professionals are always thinking about that next breach and the costs of recovering from it. This increased risk has also raised the demand for better virtual defenses to prevent the loss of sensitive organizational data such as personal consumer details and internal communications.

There is a substantial need for cybersecurity training. It’s something that many businesses are interested in, but implementing the right system isn’t easy. Physical labs are expensive, require significant time and resources, and aligning everyone’s schedules is often impossible.

Virtual labs are a great way for you to provide your customers and partners with access to the latest cybersecurity product demos and training. These labs are accessible from anywhere, customers can engage with them on their terms, they cost less, and increase the overall quality of the training.

Continue reading

White House

With the approach of the United States’ 2018 midterm elections, concerns have been expressed by many regarding the security and integrity of the voting process.  Given the news how suspected Russian agents actively sought to use hacking and influence operations to sway voters in a particular direction during the presidential election, the concern is legitimate, even if there was no evidence that votes were actually altered in 2016.  The preservation of the democratic voting process has been thrust into symbolic “red line” territory that needs and should be protected against foreign interference.  Indeed, the Department of Homeland Security re-enforced this by elevating election infrastructure to the status of “critical infrastructure” in early 2017.

Clearly, hacking and gaining unauthorized access to those systems and devices associated with the election process is something that deserves immediate attention.  After all, many countries would ostensibly agree that breaking into computers is a criminal offense, regardless if data is taken, destroyed, or altered.  In the 2016 U.S. presidential election, there were clear incidents where suspected Russian hackers stole data, and even compromised voter-related records, resulting an indictment of Russian nationals on a wide variety of charges ranging from conspiracy to commit fraud, money laundering, and identity theft, to name a few.

Continue reading

It is not a secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis and still avoiding to take any precautions may result in a catastrophic consequences. Even the biggest corporations are paying millions of dollars so they can improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths you may put your own computer or even your whole organization to a huge risk. We from CyberDB have decided to bust some of the top 5 cyber security myths and make it clear for you.

Continue reading

Trump Cybersecurity background

The White House has recently published its new National Cyber Strategy, rescinding an Obama-era memorandum Presidential Policy Directive-20 (PPD-20) that laid forth the process by which the United States would undertake cyber attacks against cyber foes, to include foreign state actors.  The Strategy consists of four primary pillars designed to guide how the United States will undergo defensive, and perhaps more importantly, offensive actions in order to preserve its interests in cyberspace.  Per the Strategy, the four pillars are:

Continue reading

US Cybersecurity

A recent article revealed that the United States government has gotten better at providing unclassified cyber threat information to the private sector.  Law enforcement and intelligence organizations have greatly cut down the time it takes to provide unclassified versions of cyber threat indicators (a term that can reference that can refer to a variety of technical data that includes but is not limited to IP addresses, malware, e-mail addresses, etc.) to the Department of Homeland Security (DHS) to disseminate promptly to the private sector.  The process had traditionally been slow as it involves an originating agency to determine if the indicator has been properly vetted without exposing sources and methods, per the article.

 

Speed of delivering pertinent threat information is certainly an improvement in a domain where attacks occur in seconds.  A November 2017 report from the DHS Office of the Inspector General provided a report on actions taken during 2016 in fulfillment of direction mandated by the Cybersecurity Information Sharing Act of 2015 with regards to the sharing of threat indicators.  Per the report, despite successfully classifying indicators and defensive measures, it still faced challenges effectively sharing such information across the public and private sectors.  The report advocated enhanced outreach and a cross-domain information processing solution.

Continue reading

Lock and network cable with computer keyboard background

Nowadays the cyber security is essential for individuals, companies, economies, governments and nations as a whole. The reality is that all of them are trying to stay on track against the latest cyberattacks, but there are some countries committing most to cybersecurity.

One of the best ways to determine where most of the cyber attack really come from in real time is by using the map created by Norse.

NORSE Heatmap

(Source:Norse.com)

Another great alternative if you want to find out which are the countries best prepared against cyberattacks is to use the Global Cybersecurity Index (GCI) created by the International Telecommunication Union (ITU).  As described by them it is “…a survey that measures the commitment of Member States to cybersecurity in order to raise awareness.” The GCI covers the five pillars of the ITU Global Cybersecurity Agenda (GCA): legal, technical, organizational, capacity building and cooperation.

Continue reading