DATA SECURITY

BD to Advance Leadership in Cybersecurity Transparency and Preparedness

BD | June 07, 2021

A leading global medical technology company, BD (Becton, Dickinson and Company), today announced that it has become the first medical technology company authorized as a Common Vulnerability and Exposures (CVE®) Numbering Authority by the CVE Program, further demonstrating the company's leadership in health care cybersecurity.

As a CVE Numbering Authority (CNA), BD is authorized to assign CVE identification numbers to newly discovered vulnerabilities in its software-enabled products. This includes using the Common Weakness Enumeration (CWE™) system to classify vulnerability types and applying the Common Vulnerability Scoring System (CVSS) to communicate vulnerability characteristics and severity. The purpose of the CVE Program is to bolster international cybersecurity defense by cataloguing publicly disclosed cybersecurity vulnerabilities. The CVE Program is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE Corporation.

BD was among the first medical technology companies to develop a mature Coordinated Vulnerability Disclosure program, enabling customers to manage cybersecurity risks through awareness and guidance. In 2020, the company launched the BD Cybersecurity Trust Center, increasing transparency and collaboration with its customers, and issued its inaugural cybersecurity annual report. In becoming a CNA, BD further demonstrates its commitment to cybersecurity in medical devices, making it easier for customers to manage vulnerabilities affecting BD products.

About the CVE Program

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each of the vulnerabilities in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

About BD

BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. BD and its 70,000 employees have a passion and commitment to help enhance the safety and efficiency of clinicians' care delivery process, enable laboratory scientists to accurately detect disease and advance researchers' capabilities to develop the next generation of diagnostics and therapeutics. By working in close collaboration with customers, BD can help enhance outcomes, lower costs, increase efficiencies, improve safety and expand access to health care.

Spotlight

Confidentiality. prevents unauthorized use or disclosure of information. Integrity. safeguards the accuracy and completeness of information. Availability. authorized users have reliable and timely access to information. The Internet was initially designed for connectivity – Trust assumed – We do more with the Internet nowadays – Security protocols are added on top of the TCP/IP.

Spotlight

Confidentiality. prevents unauthorized use or disclosure of information. Integrity. safeguards the accuracy and completeness of information. Availability. authorized users have reliable and timely access to information. The Internet was initially designed for connectivity – Trust assumed – We do more with the Internet nowadays – Security protocols are added on top of the TCP/IP.

Related News

SOFTWARE SECURITY

Camera Cyber Security Specification and Alliance Council for App Developers are announced by the Open Security & Safety Alliance.

Open Security & Safety Alliance | March 03, 2021

The Open Security and Safety Alliance, an industry body contained partners from all aspects of the security, wellbeing and building mechanization space, today declared two significant advancements as a component of its main goal to clear the street towards dependable and imaginative security and wellbeing arrangements. Initial, another particular is currently accessible to individuals that centers around camera network protection measures. OSSA likewise presents another App Developer Council intended to pull in and include application designers in the Alliance's steadily developing environment of security and wellbeing industry players. Executing Trustworthiness Thresholds The most current specialized particular – the OSSA Camera Cyber Security Specification – contains definitions and rules in regards to obligatory and discretionary security judgments for cameras. It is to a great extent dependent on a current norm by the International Electrotechnical Commission (IEC), with an extra clear spotlight on the security market and OSSA reasoning by straightforwardly splitting the jobs and duties between camera producers, the working framework (OS) supplier and the framework on-chip (SoC) merchant, specifically. The determination additionally endorses duty changes in case of individual OS alterations by camera producers. The compulsory piece of these rules will be utilized as contribution for the impending OSSA certificate system. The OSSA-coordinated environment is intended to improve trust, empower development past the constraints of a solitary association, and fuel opportunity for industry partners and clients.

Read More

DATA SECURITY

NETSCOUT Omnis Cyber Intelligence Integrates with AWS Security Hub

NETSCOUT | November 11, 2021

NETSCOUT SYSTEMS, INC. a leading provider of cybersecurity, service assurance, and business analytics solutions, today announced that Amazon Web Services, Inc. (AWS) customers will now have added visibility and security when migrating workloads to AWS using NETSCOUT's Omnis® Cyber Intelligence (OCI) integration with AWS Security Hub. NETSCOUT OCI is the industry's fastest and most scalable network security software solution, built on the foundation of the industry's most prominent network monitoring and packet recording and analysis technology. It uniquely detects and investigates suspicious activities in real-time and retrospectively, identifies threats early in the attack life cycle to prevent infections from spreading, stops future attacks, and identifies compromised assets. As a cloud security posture management service, AWS Security Hub performs automated, continuous security best practice checks against AWS resources, aggregates alerts, and enables automated remediation. The integration between NETSCOUT OCI and AWS Security Hub enhances the corporate security posture by extending the breadth and depth of cyberthreat visibility and intelligence. The integration is seamless since NETSCOUT OCI automatically formats violations in the Amazon Security Findings Format (ASFF) with built-in intelligence to suppress duplicate alerts and group them as needed. NETSCOUT OCI, through its integration with AWS Security Hub, helps detect, investigate, and respond to potentially malicious activity exposing risks that exist in hybrid cloud interdependencies. "As organizations migrate workloads to the cloud, their infrastructure becomes increasingly complex, making end-through-end visibility a necessity to uncover increased attack surfaces and combat threat exposure,As an AWS Validated Technology and Public Sector Partner with Network and Migration competencies, we've been in lock-step development with AWS. We're excited that customers can realize the benefits of NETSCOUT OCI, which is now fully integrated onto AWS Security Hub." Russ Currie, vice president, enterprise strategy, NETSCOUT About NETSCOUT NETSCOUT SYSTEMS, INC. helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers or in the cloud, and how NETSCOUT's security and performance solutions can help you move forward with confidence.

Read More

DATA SECURITY

Blu Ventures Expands Cybersecurity Strategy

Blu Venture Investors | May 24, 2021

Blu Venture Investors, a primary source risk capital firm, today announced the launch of the BVI Cyber Fund, a $25M fund targeted at Series A growth companies in cybersecurity. This fund builds on the success and momentum Blu Ventures has established in supporting the cybersecurity ecosystem within the Mid-Atlantic region and beyond. "With over 800 cybersecurity firms within the Washington, D.C. region, Blu Ventures is seated at the middle of the cyber/intelligence ecosystem," said Michael Sutton, Investment member and former CSO of Zscaler. "We are excited to continue helping fast-growing cyber companies scale and tackle the foremost difficult cybersecurity challenges facing commercial and government organizations today." The timing of the BVI Cyber Fund comes at a pivotal time given the record-breaking increase in sophisticated breaches and cyberattacks and President Biden's May 12, 2021 Executive Order on Improving the Nation's Cybersecurity. Blu Ventures has and can still invest in forward-looking cybersecurity technologies within core areas that include Endpoint Detection & Response, Data Storage; Web & Cloud; Messaging; Network; Industrial & Internet of Things (IoT); Threat Intel; Mobile; Fraud Protection & Transaction; Risk, Compliance & Training; Specialized Threat Analysis & Protection and Security Ops & Incident Response. About Blu Venture Investors Founded in 2010, Blu Ventures has deployed $85MM in capital so far in early-stage cyber and enterprise software firms. Currently, the firm is invested in 35 cyber companies to incorporate ID.me, Cybrary, Huntress Labs, Ostendio and Threat Quotient. As a primary source risk capital firm, Blu's principals bring expertise across a spread of industries and an investment perspective closely aligned with entrepreneurs.

Read More