News &

Weak Passwords Allow Cybercriminals To Go Through The "Front Door"

Employers must stress good password practices to minimize breach risks. We examine why reusing passwords is a risky practice.

Ask Jack: Can We Assume AI Searches Are Safe?

More and more employees are using AI chatbots to do research, but are they safe? Jack responds.

Ask Jack: Ethical Hiring Sets The Tone For IT Security

An employer reveals a recruiting scandal within its IT department. Jack explains why seeking the "ethically grounded" over the "ethically challenged" is an IT priority.

Breach Security Often Boils Down To Password Security

All industries are targets of cybercriminals. Password security is where every organization can start to limit exposure, including requiring frequent password changes.

New Cyber Protection Rules For Medical Devices

The federal government has instituted a new set of federal guidelines regarding the cyber vulnerabilities of medical devices. This includes new guidelines that allow the FDA to "not accept" devices that are at risk for cybersecurity breaches.

The new guidelines allow the agency to vet all new devices as well as recall those determined to be at risk for cyber vulnerabilities. This requires all vendors to update software, marketing materials, and to have a plan to actively "monitor, identify and address cyber vulnerabilities" on any devices currently on the market.

The gravest concern is the threat of hackers taking control of these devices remotely - putting patients' lives in jeopardy. Addressing cybersecurity in the medical field has been an area of concern for some time now, with many calling for more government "policing". Christian Vasquez, "FDA cyber mandates for medical devices goes into effect", (Oct. 02, 2023).




The September 27, 2023, guidelines are in response to the growing number of attacks in the healthcare and life science industries. The guidance is broad and includes all devices with a software function, which contain software or programmable logic, and are network-enabled are included – from thermometers to advanced diagnostic devices.

The guidelines call for more device labeling – it should include an accurate description of the device's cyber risks, understandable by the "average user". Potential fines, injunctions, civil and criminal penalties can result from a failure to include proper cyber warnings on the label.

On November 02, 2023, the FDA is holding a webinar at 1:00 p.m. ET for industries and stakeholders who want to learn more about the guidance.



Finally, your opinion is important to us. Please complete the opinion survey: