Part 1: A complex problem with a simple explanation Remotely connected security cameras have become commonplace in our everyday lives. They help organizations secure a facility, manage authorized areas, prevent theft, and more. But these IoT devices that seem to blend into the landscape may not be as secure as other connected products we rely […]
Below is an interview between David Leichner, CMO at Cybellum, and John Santagate of Körber– originally published by Authority Magazine. —- The cascading logistical problems caused by the pandemic and the war in Eastern Europe, have made securing a reliable supply chain a national imperative. In addition, severe cyberattacks like the highly publicized Colonial pipeline attack, […]
As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Currently the SVP of Security Technology and Innovation at Cybellum, the Left to Our Own Devices […]
Stepping in to help entire industries better manage their connected devices, CISA is providing critical live vulnerability data directly to CPSOs. It remains unclear if teams are set up in a way to digest the data into vulnerability management and malware detection activities. ———- Last week, CISA announced their new Ransomware Vulnerability Warning Pilot (RVWP), […]
KB Kookmin Bank recognized the growing product security challenge in providing modern services based on increasingly complex software. More suppliers. More open source. More weak points. Understanding the trust of their customers was paramount. The bank was ready to rethink the tools they were using in order to better understand their product security posture and […]
As vehicles have come to rely heavily on software and an increasingly complex software supply chain, the cyber threat landscape continues to evolve. Automotive cybersecurity standards and regulations for safety are more critical than ever. Industry-wide recognition of automotive cybersecurity risks has pushed regulators and industry leaders to double-down on regulation. The recent adoption of […]
The below piece is based on the resource: How FDA and the Omnibus Bill Will Reshape Pre & Post Market Product Security ——- The December 2022 Omnibus bill, a large spending bill passed by the US government, continues the Biden administration’s rhetoric of securing America’s infrastructure. Buried within this bill are new powers granted to […]
Phil Englert was ahead of the curve in introducing cybersecurity into the medical device industry, building medical device cybersecurity programs from scratch several times during his career. Today he is the Director of Medical Device Security at the Health Information Sharing and Analysis Center H-ISAC, helping establish connections within the medical device community, and well-versed […]
Part 1: Using SBOMs for enhanced visibility and control The dynamic nature of software development exposes the software supply chain to countless sources of both known and unknown vulnerabilities. These can take multiple forms, from insecure open-source software to zero-day exploits. The connected product software revolution’s growing reliance on open-source software increases the risk and […]