If you discover an internal data breach do you, a. Report it to the affected Individuals, or b. Fix it quickly and say nothing? One official at Stanford University chose poorly. The U.S. House Energy and Commerce Commission asked some great questions of Health and Human Services (HHS), including requiring medical device managers to report a Bill of Materials (BoM) for all software components in their medical devices. Also, following on the heels of WannaCry was a Linux version called SambaCry, which has now been weaponized as a ransomware delivery mechanism. So get your Linux and NAS devices patched and amp up the monitoring. Gerry and Steve talk about all these topics plus their One Cool Things in this week’s episode.

Show Notes

Resources:

Stanford CDO Resigns for Data Breach handling:

https://www.sfgate.com/education/article/Stanford-University-executive-leaves-job-after-12407976.php

House Energy and Commerce Committee wants Bill of Materials for medical device manufacturers:

https://www.scmagazine.com/house-committee-asks-hhs-to-boost-cybersecurity-by-requiring-component-list-for-medical-devices/article/708139/

SambaCry and the new StorageCrypt ransomware attack:

https://www.bleepingcomputer.com/news/security/storagecrypt-ransomware-infecting-nas-devices-using-sambacry/

https://f5.com/labs/articles/threat-intelligence/cyber-security/sambacry-the-linux-sequel-to-wannacry

Emotion Analytics:

http://searchhrsoftware.techtarget.com/feature/Emotion-analytics-may-expose-your-true-feelings-to-HR

What Every Body is Saying by Joe Navarro:

https://www.goodreads.com/book/show/1173576.What_Every_Body_is_Saying

MoviePass

https://www.moviepass.com/

 

Disclaimer: Please note the views and opinions of the hosts are their own and not necessarily those of the Medical University of South Carolina.