Eric Johnson Comments On The Roles Of Security Executives

THaW member Eric Johnson recently published an article at the website Third Certainty about how Security Executives can best achieve their goals. In the article, he delves into approaches executives can take, and how they can achieve optimal leadership. To read more, click through below.

Eric Johnson – Security executives must lead through influence rather than control

Kevin Fu Discusses The Challenges of Ransomware

THaW researcher Kevin Fu recently joined his colleague Harold Thimbleby to discuss the challenges and obstacles created by ransomware. Read their comprehensive assessment of the problem, as well as possible solutions, at the link below.

HealthcareITNews — Ransomware:
 How we can climb out of this mess

THaW Project LightTouch Selected For INFOCOM

THaW Researchers Xiaohui Liang, Tianlong Yun, Ronald Peterson, and David Kotz have been researching new methods for connecting wearables to external screens. Their paper, LightTouch: Securely Connecting Wearables to Ambient Displays with User Intent, has been accepted to INFOCOM 2017. In it, they explore a security system that uses a screen’s brightness level to ensure secure connection between screen and device. Moreover, they also address additional screen-based counter measures that can be taken to further secure the protocol. For more information and to read the paper, click the link below.

liang-lighttouch

Eric Johnson Talks with Charles Lebo: Healthcare Data Security


THaW contributor Eric Johnson’s conversations from the CISO conference continued with VP and CISO of Kindred Healthcare, Charles Lebo. The two had a conversation to discuss some of the emerging challenges of healthcare security. The topics ranged from the scope of large healthcare datasets, to the emergence of ransomware and maintaining data security.

Click here, or play the embedded video above, to hear the discussion in full.

New York Times Features THaW Research Into Acoustic Device Hacking

14SOUNDWAVE1-master768

THaW researcher Kevin Fu’s work on acoustic device hacking has recently been featured in the New York Times. The article discusses the team’s work on using acoustic signals to fool sensors in mobile device, and create the potential for security violations. For more information beyond the article, click here for a quick video, or read the complete paper below.

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

Interactive Map Of US Healthcare Breaches

interactive map
The Health Information Technology for Economic and Clinical Health (HITECH) Act requires health care providers and health plans that experienced a data breach of unsecured protected health information affecting more than 500 persons to notify the U.S. Department of Health and Human Services (HHS). HHS maintains a public database of the reported breaches submitted from October 2009 to the present. THaW researchers recently constructed an interactive map to visualize the HHS database of health data breaches.

CENTURION Explores New Methods In Crowd-Sourced Data Collection

THaW researchers Haiming Jin and Klara Nahrstedt of UIUIC, in collaboration with Lu Su of SUNY Buffalo, recently had a paper accepted to IEEE INFOCOM 2017. Entitled CENTURION, the research explores the incentivization of participants in crowd sourced data collection. Notably, CENTURION rethinks the existing model of crowd sourced data collection (one consumer, one set of incentives), and instead takes the novel approach of applying a double auction model with multiple consumers and multiple incentives. The result is a system that can guarantee non-negative social welfare impact, among other benefits. To explore CENTURION further, click below.

jin-centurion

THaW Co-Hosts Workshop For Building Secure Connected Healthcare Organizations

pano_20161118_113707

In mid-November THaW was excited to co-host, along with the Center For Digital Strategies at the Tuck School of Business and the Owen School of Management, a workshop on building secure connected healthcare organizations.

The workshop was attended by CISOs from twelve interested healthcare organizations, as well as members of the THaW project. It provided for a day of conversation about cybersecurity best practices and challenges. Over the course of the workshop, with moderation by Eric Johnson and Hans Brechbuhl, the group touched upon a wide array of subjects; we are now happy to present some key insights and a summary of the day’s proceedings. Highlights include insights regarding phishing attacks, medical device security, and the emerging Internet of things.

Click through below to review the document, and feel free to share with your colleagues!

Overview: Building Secure Connected Healthcare Organizations

Eric Johnson talks with Paul Connelly: Healthcare Analytics and Information Security

THaW contributor Eric Johnson recently sat down with VP and CISO of Hospital Corporation of America Paul Connelly to discuss advancements in healthcare analytics and information security. Over the course of the discussion the two touch on the sheer volume of data created by HCA, and how analytics can be used to give that data value in contributing to informed decision making, while at the same time protecting patient security.

Click here, or play the embedded video above, to hear the discussion in full.