Security News

The cybersecurity challenges of securing PACS. Medical imaging is a critical component in providing patient care and PACS is where these images and accompanying clinical information are stored and delivered from when needed. PACS is part of a highly complex healthcare delivery organization environment that includes back-office systems, electronic health record systems, pharmacy and laboratory systems, an array of electronic medical devices, and often cloud storage for medical images.

NIST has launched a crowdsourcing challenge to spur new methods to ensure that important public safety data sets can be de-identified to protect individual privacy. The Differential Privacy Temporal Map Challenge includes a series of contests that will award a total of up to $276,000 for differential privacy solutions for complex data sets that include information on both time and location.

The National Institute of Standards and Technology has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mistakes by employees that have resulted in the modification or destruction of company data. Special Publication 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events can help organizations to develop a strategy for recovering from an attack affecting data integrity, recover from such an event while maintaining operations, and manage enterprise risk.

Only 44% of healthcare providers, including hospital and health systems, conformed to protocols outlined by the NIST CSF - with scores in some cases trending backwards since 2017, CynergisTek reveals. The report also found that healthcare supply chain security is one of the lowest ranked areas for NIST CSF conformance.

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection criteria.

This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard. "At the end of this round, we will choose some algorithms and standardize them," said NIST mathematician Dustin Moody.

NIST has now begun the third round of public review. This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard.

The National Institute for Standards and Technology has published the draft version of SP 800-53: Security and Privacy Controls for Information Systems and Organizations. The publication provides a catalog of security and privacy controls that will help protect organizational operations and assets.

For years, the EFF has been saying that developing algorithms that the FBI and law enforcement can use to identify similar tattoos from images - similar to how automated facial recognition systems work - raises significant First Amendment questions. UNICAMP also said that its researcher - Prof. Léo Pini Magalhãe - is adding to the dataset by grabbing images of tattoos from the web: a practice that the EFF noted has increasingly come under fire from Congress in light of the Clearview AI face recognition scandal.

With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. The security of virtual meetings might often be an afterthought, but basic precautions can ensure that they don't lead to data breaches or other security incidents, says Jeff Greene, director of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology.