In June, THaW’s Eric Johnson once again met with a prominent Information Security Officer to discuss the state of security in health care. Juniper Networks’ CISO Sherry Ryan met with Eric to discuss the global implications of cloud-based computing, and attacks from hostile nation states. Click above to watch the discussion in full.
As part of THaW’s efforts to discuss the state of security in the health care industry, Eric Johnson continues to meet with prominent Information Security Officers to discuss the current challenges in the industry. This time, Eric met with Cardinal Health’s Talvis Love to discuss a variety of topics, including the intricacies of a the migration to the cloud for data storage and retrieval. Click above to watch the discussion in full.
A team featuring THaW PI Carl Gunter and led by his student Guliz Seray Tuncay recently won “Best Paper” at NDSS. Resolving the Predicament of Android Custom Permissions was so well received at the conference it took home highest honors. To check out the full text, and what the team discovered about conflicting trust levels in regard to Android permissions, click through on the link below.
PDF: Resolving the Predicament of Android Custom Permissions
THaW researcher Kevin Fu, along with colleagues Chen Yan and Wenyuan Xu, recently released a technical report on a mysterious ailment at the United States embassy in Cuba. After exploring a wide variety of options, the trio concluded that the ailment may in fact have inadvertently been caused by interfering ultrasonic waves in the environment. Click through below to see some press coverage their discoveries have received, in addition to the full technical report.
The Conversation – Can Sound Be Used As A Weapon?
IEEE Spectrum – Finally, A Likely Explanation for the “Sonic Weapon” Used At The US Embassy In Cuba
PDF: On Cuba, Diplomats, Ultrasound, and Intermodulation Distortion
As part of THaW’s efforts towards community outreach and education, we have developed a curriculum based on the FitBit technology platform. This curriculum has been successfully deployed in two pilot groups let by THaW associates over the past two years.
Now, THaW researcher Joseph Carrigan, along with PI’s David Kotz and Avi Rubin, has formalized the curriculum into a technical report to allow others to use our implementation. Said Carrigan, “We developed an outreach activity that is engaging, informative, and repeatable. We are interested to see how it will be used at other locations.” To peruse the technical report and access the curriculum guidelines, please click below.
THaW member Eric Johnson (along with co-author Sung Choi) recently published at the 14th Workshop on The Economics of Information Security. In the paper, the two explore the ramifications of hospital data breaches, and if these breaches have an effect on quality of care. To learn more, click through to the paper below.
THaW leader Kevin Fu was recently named a fellow by the Institute of Electrical and Electronics Engineers (IEEE) for his contributions to embedded and medical device security. The honor comes as part of the 2018 class, and is “a distinction reserved for select IEEE members whose extraordinary accomplishments in any of the IEEE fields of interest are deemed fitting of this prestigious grade elevation”. To read more about Kevin’s award and accomplishments, click through below.
Kevin Fu Elected IEEE Fellow for Contributions to Embedded and Medical Device Security
In a recent Viewpoint article in JAMA, THaW member Kevin Fu explored a recent pacemaker vulnerability, and its ramifications for medical device security in general. In the post, he discusses both the full extent of the vulnerabilities, as well as the practical considerations to be taken as a result. To read the full text of the article, click the link below.
Cybersecurity Concerns and Medical Devices – Lessons From a Pacemaker Advisory
THaW member Eric Johnson recently published an article at the website Third Certainty about how Security Executives can best achieve their goals. In the article, he delves into approaches executives can take, and how they can achieve optimal leadership. To read more, click through below.
Eric Johnson – Security executives must lead through influence rather than control
THaW researcher Kevin Fu recently joined his colleague Harold Thimbleby to discuss the challenges and obstacles created by ransomware. Read their comprehensive assessment of the problem, as well as possible solutions, at the link below.
HealthcareITNews — Ransomware: How we can climb out of this mess
Trustworthy Health and Wellness 