Home > News > featured news > IoT security and the psychology of supplier apathy

IoT security and the psychology of supplier apathy

Healthcare IT news | January 29, 2020

Warnings about IoT vulnerabilities have resounded across 2020 cybersecurity predictions, but the greatest vulnerability of all is apathy. This charge can potentially be applied to anyone and everyone from healthcare providers to government agencies. What I want to focus on, however, is the supplier community. I increasingly talk to CIOs and CISOs that express a frustration with the behaviour of their suppliers. It seems that many are ambiguous about proactively addressing regulatory standards that are specific to preserving patient safety. As the leaders I talk to often point out to me – it would be a competitive advantage if they did (let alone be ethical). This all applies especially to IoT devices, what with increasing interoperability, mobility and the dawn of 5G where the scope for system failures that could affect patient care are greater than ever.

Spotlight

Lexmark moves IoT from cost cutter to revenue producer

Starting with the mission to provide a better customer experience and separate itself from the competition, Lexmark created a miniature ecosystem within each printer that now includes about 100 data points which the machine continually communicates to the mother ship at the printer maker. They include motor speeds, cartridge tor

More featured news

Spotlight

Lexmark moves IoT from cost cutter to revenue producer

Starting with the mission to provide a better customer experience and separate itself from the competition, Lexmark created a miniature ecosystem within each printer that now includes about 100 data points which the machine continually communicates to the mother ship at the printer maker. They include motor speeds, cartridge tor

Related News

INFRASTRUCTURE, SOFTWARE AND TOOLS

ACA Pacific Partners with Atsign to Deliver Unprecedented IoT Security Technology in APAC Region

globenewswire | April 06, 2023

ACA Pacific Singapore (ACA Pacific Technology(S) Pte Ltd), an established IT marketing and value-added distributor in the Asia-Pacific region, has partnered with Atsign, Inc., a leader in IoT security, to bring game-changing IoT device security technology to the region. The rapid adoption of IoT devices in the region has led to a dramatic increase in criminal hacking groups attacking these devices to gain access to various organizations, as well as the government’s critical infrastructure. ACA Pacific Group will offer Atsign’s technology platform to eliminate all network attack surfaces (i.e. having no open ports) which will thwart these cybercriminals, protect IoT devices, and save costs over traditional, complicated, and less secure means of protecting IoT devices. Atsign will work closely alongside ACA Pacific’s broad ecosystem of partners to deliver industry leading cybersecurity solutions across industries and use cases. “I couldn’t be happier about this new partnership with ACA Pacific,” says Barbara Tallent, CEO of Atsign. “Their knowledge of the APAC market and great reputation with their clients is a powerful step forward for our goal of providing protection and privacy to more business customers in the region.” Craig Gledhill, CEO of ACA Pacific, discussed the partnership, stating that the fast rollout of 5G in the APAC market has led to a significant growth in IoT. However, this rapid expansion has also resulted in a significant security gap. Gledhill expressed excitement about partnering with Atsign to provide their technology as a cost-effective solution to address this very important issue. The technology is expected to be a great fit for many of ACA Pacific’s customers and partners. About ACA Pacific Group ACA Pacific Group is an established IT marketing and value-added distributor since 1986 across the Asia-Pacific region. Solutions offerings include selecting and integrating only the “Best-of-Breed” software and hardware to meet customers’ requirements. About Atsign Atsign is an award-winning technology company that believes the privacy and security of every person, organization, and device is a fundamental right, and they're working towards making it a reality. They won the 2022 IoTSF Champion award and the 2023 IoT Global Award for Securing IoT.

Read More

DEVICES, INDUSTRIAL IOT

Armis Identifies the Riskiest Medical and IoT Devices in Clinical Environments

Businesswire | April 18, 2023

Armis, the leading asset visibility and security company, today released new research identifying the top connected medical and IoT devices that are exposed to malicious activity in clinical environments. Data analyzed from the Armis Asset Intelligence and Security Platform, which tracks over three billion assets, found nurse call systems to be the riskiest* IoMT device, followed by infusion pumps and medication dispensing systems. When looking at IoT devices, IP cameras, printers and Voice Over Internet Protocol (VoIP) devices are topping the list. By 2026, smart hospitals are expected to deploy over 7 million IoMT devices, doubling the amount from 2021. Medical and non-medical devices are increasingly connected, automatically feeding patient data from monitoring devices into electronic records. These connections and communications within a medical environment help improve patient care but also make it increasingly vulnerable to cyberattacks, which could result in the interruption of patient care. Upon a comprehensive analysis of the data from all connected medical and IoT devices on the Armis Asset Intelligence and Security Platform, several noteworthy conclusions can be drawn Nurse call systems are the riskiest connected medical device, with 39% of them having critical severity unpatched Common Vulnerabilities and Exposures (CVEs) and almost half (48%) having unpatched CVEs. Infusion pumps are second, with 27% having critical severity unpatched CVEs and 30% having unpatched CVEs. Medication dispensing systems are in third place, with 4% having critical severity unpatched CVEs, but 86% having unpatched CVEs. Moreover, 32% run on unsupported Windows versions. Almost 1 in 5 (19%) connected medical devices are running unsupported OS versions. More than half of IP cameras we monitored in clinical environments have critical severity unpatched CVEs (56%) and unpatched CVEs (59%), making it the riskiest IoT device. Printers are the second riskiest IoT device in clinical environments, with 37% having unpatched CVEs, and 30% having critical severity unpatched CVEs. VoIP devices are in third place. Although 53% of them have unpatched CVEs, only 2% have critical severityunpatched CVEs. “These numbers are a strong indicator of the challenges faced by healthcare organizations globally. Advances in technology are essential to improve the speed and quality of care delivery as the industry is challenged with a shortage of care providers, but with increasingly connected care comes a bigger attack surface,” said Mohammad Waqas, Principal Solutions Architect for Healthcare at Armis. “Protecting every type of connected device, medical, IoT, even the building management systems, with full visibility and continuous contextualized monitoring is a key element to ensuring patient safety.” Armis secures all medical assets and patient care environments in some of the largest healthcare delivery organizations around the world: “Armis appeared to be a good alternative for us because it immediately provided us with visibility into what devices were plugging into the network. It shows us how they are interacting with each other, creates alerts based on observed behavior and enforces firewall rules based on those alerts,” said Brian Schultz, Director of Network Operations and Security, Burke Rehabilitation Hospital. “Metrics and accountability are key to understanding how to protect the hospital’s network, and Armis has a major role in making the relevant data available to us in an easy-to-access manner. It has definitely filled in the gaps in our security arsenal by uncovering risks we never knew about previously. At first, I thought Armis was a nice-to-have, but now it’s become an integral part of our cyber defense,” said Dr. Michael Connolly, Chief Information Officer (CIO), Mater Misericordiae University Hospital. KLAS Research recently named Armis a top performer at the 2023 Best in KLAS Software & Services Report for Healthcare IoT Security. To learn more about how Armis enables healthcare organizations to identify and secure IoMT, IoT, OT and IT assets Armis is attending HIMSS April 17-21, 2023 in Chicago, IL with a speaking session taking place on Wednesday, April 19, 2023 from 3:45pm - 4:05pm CT titled: Hackers Rush in Where Agents Fear to Tread. To meet with Armis at HIMSS, please visit booth 2276 or Kiosk 4309-48 in the Cyber Command Center. About Armis Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

Read More

INDUSTRIAL IOT

Identiv Expands bitse.io IoT Platform with the addition of Specialty NFC Tags from STMicroelectronics

Businesswire | May 09, 2023

Identiv, Inc. global digital security and identification leader in the Internet of Things (IoT), announced further growth in its bitse.io IoT platform for tag commissioning and launching brand experiences with the inclusion of new near-field communication (NFC) tags in specialty form factors from STMicroelectronics (ST). Now, the bitse.io platform can easily enhance and manage these tags. Identiv and ST are expanding their collaboration to include the new ST25TN renewable paper tag and ST25TV 7x7 mm Tiny Tag. ST25TV features a capacitance of 99.7pF for the best performance on a small surface and is available with a tamper detection interface. These unique form factors can be seamlessly encoded and connected to customizable brand experiences on-the-spot with Identiv’s bitse.io IoT platform. bitse.io is a powerful, easy to manage platform combining physical IoT-enabled tags and data management, spanning RFID, near-field communication (NFC), Bluetooth Low Energy (BLE), and other active engagement solutions with capabilities for tag commissioning, consumer experience, and data analytics. Brands can now choose the new sustainable tags for an eco-friendly experience with a low carbon footprint, or the tiny tags to make even the smallest object interactive, ideal for medical applications, pharmaceuticals, and consumer products with limited space. “Identiv is proud to continue expanding its collaborative relationship with ST through our innovative, specialty NFC tags along with our recent advancement into SaaS solutions with bitse.io,” said Amir Khoshniyati, VP/GM IoT Business, Identiv. “Every day, millions of people set data in motion by using IoT-enabled technology to connect physical objects to the digital world. Our relationship with ST, combined with our industry-leading value-add capabilities that include converting and encoding services, strengthen Identiv’s position as a leader in IoT.” “Our growing collaboration with Identiv has enabled their ability to express our NFC tag IC performance and use our high-capacitance ST25TV Type 5 NFC Forum tag to its full potential, making antenna inlays as small as 7x7mm,” said Gianmarco Ferrari, NFC Senior Marketing Manager, Americas, STMicroelectronics. “In addition, the bitse.io platform helps brands design customer engagement experiences with our ST25TN Type 2 NFC Forum tags, and by using Identiv eco-friendly inlays, our customers can reach a broader, sustainable IoT market.” Identiv and ST will demonstrate ST’s NFC Tag ICs and Identiv’s inlay solution-enabling bitse.io platform, along with other IoT experiences, in booth 511 at RFID Journal LIVE! 2023, May 9 - 11, 2023 in Orlando, Fla. Identiv’s innovative IoT-enabling RFID, NFC, AND BLE solutions verify identities and security, and are embedded in billions of everyday objects, including medical devices, packaging, mobile device accessories, books, athletic apparel, wine and spirits, perishables, and pharmaceuticals. To purchase the new tags from Identiv and ST, request a tag bag for $13 USD. To get started with bitse.io, book a custom demo today. About Identiv Identiv, Inc. is a global leader in digitally securing the physical world. Identiv’s platform encompasses RFID and NFC, cybersecurity, and the full spectrum of physical access, video, and audio security. Identiv is a publicly traded company, and its common stock is listed on the NASDAQ Stock Market LLC in the U.S. under the symbol “INVE.”

Read More

INFRASTRUCTURE, SOFTWARE AND TOOLS

ACA Pacific Partners with Atsign to Deliver Unprecedented IoT Security Technology in APAC Region

globenewswire | April 06, 2023

ACA Pacific Singapore (ACA Pacific Technology(S) Pte Ltd), an established IT marketing and value-added distributor in the Asia-Pacific region, has partnered with Atsign, Inc., a leader in IoT security, to bring game-changing IoT device security technology to the region. The rapid adoption of IoT devices in the region has led to a dramatic increase in criminal hacking groups attacking these devices to gain access to various organizations, as well as the government’s critical infrastructure. ACA Pacific Group will offer Atsign’s technology platform to eliminate all network attack surfaces (i.e. having no open ports) which will thwart these cybercriminals, protect IoT devices, and save costs over traditional, complicated, and less secure means of protecting IoT devices. Atsign will work closely alongside ACA Pacific’s broad ecosystem of partners to deliver industry leading cybersecurity solutions across industries and use cases. “I couldn’t be happier about this new partnership with ACA Pacific,” says Barbara Tallent, CEO of Atsign. “Their knowledge of the APAC market and great reputation with their clients is a powerful step forward for our goal of providing protection and privacy to more business customers in the region.” Craig Gledhill, CEO of ACA Pacific, discussed the partnership, stating that the fast rollout of 5G in the APAC market has led to a significant growth in IoT. However, this rapid expansion has also resulted in a significant security gap. Gledhill expressed excitement about partnering with Atsign to provide their technology as a cost-effective solution to address this very important issue. The technology is expected to be a great fit for many of ACA Pacific’s customers and partners. About ACA Pacific Group ACA Pacific Group is an established IT marketing and value-added distributor since 1986 across the Asia-Pacific region. Solutions offerings include selecting and integrating only the “Best-of-Breed” software and hardware to meet customers’ requirements. About Atsign Atsign is an award-winning technology company that believes the privacy and security of every person, organization, and device is a fundamental right, and they're working towards making it a reality. They won the 2022 IoTSF Champion award and the 2023 IoT Global Award for Securing IoT.

Read More

DEVICES, INDUSTRIAL IOT

Armis Identifies the Riskiest Medical and IoT Devices in Clinical Environments

Businesswire | April 18, 2023

Armis, the leading asset visibility and security company, today released new research identifying the top connected medical and IoT devices that are exposed to malicious activity in clinical environments. Data analyzed from the Armis Asset Intelligence and Security Platform, which tracks over three billion assets, found nurse call systems to be the riskiest* IoMT device, followed by infusion pumps and medication dispensing systems. When looking at IoT devices, IP cameras, printers and Voice Over Internet Protocol (VoIP) devices are topping the list. By 2026, smart hospitals are expected to deploy over 7 million IoMT devices, doubling the amount from 2021. Medical and non-medical devices are increasingly connected, automatically feeding patient data from monitoring devices into electronic records. These connections and communications within a medical environment help improve patient care but also make it increasingly vulnerable to cyberattacks, which could result in the interruption of patient care. Upon a comprehensive analysis of the data from all connected medical and IoT devices on the Armis Asset Intelligence and Security Platform, several noteworthy conclusions can be drawn Nurse call systems are the riskiest connected medical device, with 39% of them having critical severity unpatched Common Vulnerabilities and Exposures (CVEs) and almost half (48%) having unpatched CVEs. Infusion pumps are second, with 27% having critical severity unpatched CVEs and 30% having unpatched CVEs. Medication dispensing systems are in third place, with 4% having critical severity unpatched CVEs, but 86% having unpatched CVEs. Moreover, 32% run on unsupported Windows versions. Almost 1 in 5 (19%) connected medical devices are running unsupported OS versions. More than half of IP cameras we monitored in clinical environments have critical severity unpatched CVEs (56%) and unpatched CVEs (59%), making it the riskiest IoT device. Printers are the second riskiest IoT device in clinical environments, with 37% having unpatched CVEs, and 30% having critical severity unpatched CVEs. VoIP devices are in third place. Although 53% of them have unpatched CVEs, only 2% have critical severityunpatched CVEs. “These numbers are a strong indicator of the challenges faced by healthcare organizations globally. Advances in technology are essential to improve the speed and quality of care delivery as the industry is challenged with a shortage of care providers, but with increasingly connected care comes a bigger attack surface,” said Mohammad Waqas, Principal Solutions Architect for Healthcare at Armis. “Protecting every type of connected device, medical, IoT, even the building management systems, with full visibility and continuous contextualized monitoring is a key element to ensuring patient safety.” Armis secures all medical assets and patient care environments in some of the largest healthcare delivery organizations around the world: “Armis appeared to be a good alternative for us because it immediately provided us with visibility into what devices were plugging into the network. It shows us how they are interacting with each other, creates alerts based on observed behavior and enforces firewall rules based on those alerts,” said Brian Schultz, Director of Network Operations and Security, Burke Rehabilitation Hospital. “Metrics and accountability are key to understanding how to protect the hospital’s network, and Armis has a major role in making the relevant data available to us in an easy-to-access manner. It has definitely filled in the gaps in our security arsenal by uncovering risks we never knew about previously. At first, I thought Armis was a nice-to-have, but now it’s become an integral part of our cyber defense,” said Dr. Michael Connolly, Chief Information Officer (CIO), Mater Misericordiae University Hospital. KLAS Research recently named Armis a top performer at the 2023 Best in KLAS Software & Services Report for Healthcare IoT Security. To learn more about how Armis enables healthcare organizations to identify and secure IoMT, IoT, OT and IT assets Armis is attending HIMSS April 17-21, 2023 in Chicago, IL with a speaking session taking place on Wednesday, April 19, 2023 from 3:45pm - 4:05pm CT titled: Hackers Rush in Where Agents Fear to Tread. To meet with Armis at HIMSS, please visit booth 2276 or Kiosk 4309-48 in the Cyber Command Center. About Armis Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

Read More

INDUSTRIAL IOT

Identiv Expands bitse.io IoT Platform with the addition of Specialty NFC Tags from STMicroelectronics

Businesswire | May 09, 2023

Identiv, Inc. global digital security and identification leader in the Internet of Things (IoT), announced further growth in its bitse.io IoT platform for tag commissioning and launching brand experiences with the inclusion of new near-field communication (NFC) tags in specialty form factors from STMicroelectronics (ST). Now, the bitse.io platform can easily enhance and manage these tags. Identiv and ST are expanding their collaboration to include the new ST25TN renewable paper tag and ST25TV 7x7 mm Tiny Tag. ST25TV features a capacitance of 99.7pF for the best performance on a small surface and is available with a tamper detection interface. These unique form factors can be seamlessly encoded and connected to customizable brand experiences on-the-spot with Identiv’s bitse.io IoT platform. bitse.io is a powerful, easy to manage platform combining physical IoT-enabled tags and data management, spanning RFID, near-field communication (NFC), Bluetooth Low Energy (BLE), and other active engagement solutions with capabilities for tag commissioning, consumer experience, and data analytics. Brands can now choose the new sustainable tags for an eco-friendly experience with a low carbon footprint, or the tiny tags to make even the smallest object interactive, ideal for medical applications, pharmaceuticals, and consumer products with limited space. “Identiv is proud to continue expanding its collaborative relationship with ST through our innovative, specialty NFC tags along with our recent advancement into SaaS solutions with bitse.io,” said Amir Khoshniyati, VP/GM IoT Business, Identiv. “Every day, millions of people set data in motion by using IoT-enabled technology to connect physical objects to the digital world. Our relationship with ST, combined with our industry-leading value-add capabilities that include converting and encoding services, strengthen Identiv’s position as a leader in IoT.” “Our growing collaboration with Identiv has enabled their ability to express our NFC tag IC performance and use our high-capacitance ST25TV Type 5 NFC Forum tag to its full potential, making antenna inlays as small as 7x7mm,” said Gianmarco Ferrari, NFC Senior Marketing Manager, Americas, STMicroelectronics. “In addition, the bitse.io platform helps brands design customer engagement experiences with our ST25TN Type 2 NFC Forum tags, and by using Identiv eco-friendly inlays, our customers can reach a broader, sustainable IoT market.” Identiv and ST will demonstrate ST’s NFC Tag ICs and Identiv’s inlay solution-enabling bitse.io platform, along with other IoT experiences, in booth 511 at RFID Journal LIVE! 2023, May 9 - 11, 2023 in Orlando, Fla. Identiv’s innovative IoT-enabling RFID, NFC, AND BLE solutions verify identities and security, and are embedded in billions of everyday objects, including medical devices, packaging, mobile device accessories, books, athletic apparel, wine and spirits, perishables, and pharmaceuticals. To purchase the new tags from Identiv and ST, request a tag bag for $13 USD. To get started with bitse.io, book a custom demo today. About Identiv Identiv, Inc. is a global leader in digitally securing the physical world. Identiv’s platform encompasses RFID and NFC, cybersecurity, and the full spectrum of physical access, video, and audio security. Identiv is a publicly traded company, and its common stock is listed on the NASDAQ Stock Market LLC in the U.S. under the symbol “INVE.”

Read More

More featured news