Canadian restaurants are offered a security assessment service, Microsoft has a new theory about how security operation centres should be designed, and hacking medical devices poses the risk of killing hospital patients.
Restaurants Canada announced last week it will be helping its members improve their cyber security. A deal with Toronto-based security vendor Cyberrisk Check will give restaurateurs access to an online analysis tool that helps assess risks, and then provides an action plan to resolve issues. Restaurants handle a lot of data that cyber criminals are hungry for – namely customers’ credit card details. But many restaurants are also small businesses that might not have the resources or talent to defend against cyber threats. The average small business that suffers a cyber attack loses $180,000. So it’s a good idea for industry groups like this to team up and offer services across the board. Of course in this case, once the security assessment is done, it sounds like the restaurant owner will need to pay up for services to help address security risks.
Are you building a security operations centre for your company, or looking to remodel your current ‘SOC’? Microsoft’s cyber security CTO has a concept for you to consider – data gravity. Just like large planetary bodies create gravity, drawing objects towards them, large masses of data have similar effects, she says. The bigger the data, the bigger its ‘gravity well’ and the more likely that apps and services are drawn to it. The closer that an app is to the data, the stronger the gravity and the faster it moves. Now consider the current approach to building a SOC – we aggregate all the log data from our security systems and throw it in one big pile to analyze. This was great in the year 2000, but today there is so much data from so many different sources that it’s creating a lot of latency. And you can’t be slowing down in the fight against hackers. Therefore the SOC of tomorrow should apply analytics as close to the data as possible, taking advantage of that gravity acceleration effect.
Critical flaws in medical devices could have threatened patient safety. Flaws in the Qualcomm Life Capsule Datacaptor Terminal Server and the Becton Dickinson Alaris TIVA Syringe Pump were acknowledged publicly last week. The Datacaptor vulnerability was rated as critical and found in a web management interface used for remote configuration. Attackers exploiting this flaw could have gained access to other medical devices like respirators and heart monitors. As for the syringe pumps, they lacked any authentication requirements. Anyone with access to the hospital network could have taken control of these devices responsible for regulating the amount of medicine a patient is receiving. That means it’d be possible for an attacker to kill a patient by overdosing them and turning off any alarms on the pump. Hospitals connecting any devices to a terminal server must put in place a system to ensure the most recent firmware is installed on these devices. Their patients’ lives could depend on it.