According to the Identity Theft Resource Center, the first eight months of 2016 has seen 584 total breaches with more than 20,500,000 records exposed.

1. Securing Mobile Medical Applications and Devices
from External Threats
According to the Identity Theft Resource Center, the first eight months of 2016
has seen 584 total breaches with more than 20,500,000 records exposed. What’s
perhaps more alarming is the fact that 58 percent of the total breaches have been
in the medical/healthcare category. So that’s the bad news!
The good news? The medical industry has seen significant progress delivering
cutting edge medical devices such as heart monitors and implantable insulin
pumps and sleep devices that automatically monitor a patient’s status, deliver
potentially needed real-time treatment, and collect data that can be used by
medical personnel to improve patient outcomes.
The manufacturers of these medical devices can use specialized hardware and
software to secure these actual devices from outside threats – malware and
ransomware – but more often than not, these devices rely on applications and
mobile platforms to communicate this data and other medical signals to the
doctors and medical staff. These operating systems (such as Android) become the
weak link or backdoor to an otherwise secure system. So that’s also the bad
news!
The good news? The FDA has recently released guidance designed to provide a
framework for the management of cybersecurity in medical devices. The draft
guidance goes into great detail, but the key points are:

2.  Device and application creators need to incorporate security elements
consistent with the NIST Framework for Improving Critical Infrastructure
Cybersecurity: Identify, Protect, Detect, Respond, and Recover.
 Incorporate detection mechanisms into their device design and device
features to increase the detectability of attacks and permit forensically
sound evidence capture.
 Design the devices to ensure that risks inherent in remediation are properly
mitigated including ensuring that the remediation is adequate and
validated and that the device designs incorporate mechanisms for secure
and timely updates.
How about some more good news? whiteCryption’s enterprise-level solution,
Cryptanium, has two main components that can help medical device
manufactures introduce the security needed to prevent malware threats like
ransomware. The first is Cryptanium Secure Key Box, a white box cryptographic
library that implements standard cryptographic algorithms in a way that
completely hides the keys. The second is Cryptanium Code Protection, a
comprehensive tool for hardening software applications on multiple platforms.
These two components work together to increase security protection against
these types of malware threats.
whiteCryption designed Cryptanium for application developers who need to add
tamper resistance and self-defense mechanisms to apps running in threat-rich
environments, such as Android. The connected world we live in today goes
beyond computers and mobile devices to automobiles, home appliances and
medical devices and applications; the security solutions that we rely on need to
work harder to protect the people that rely on these devices.
To know more visit:
whitecryption.com