Author: vigilantops

Vigilant Ops Announces Partnership with BeanStock Ventures

Vigilant Ops, an innovator in medical device cybersecurity and developer of the Software Bill of Materials (SBOM) automation platform InSight, announced a partnership with BeanStock Ventures of San Diego, California. BeanStock Ventures is a medical device software product development organization with regulatory expertise. It is one of only nine FDA-Recognized 510(k) Third Party Review Organizations (3P510K), enabling the fast-track of medical devices for 510(k) clearance, which is a premarket...


Using SBOM to Identify Vulnerabilities and Impacted Devices

Last week, CISA (the U.S. Cybersecurity and Infrastructure Security Agency) issued an advisory about critical vulnerabilities in embedded software that open the door to possible security breaches. No breaches have been reported to date, but the potential impact spans multiple industries, including healthcare. This short summary discusses how SBOM can help manufacturers respond and take action. SBOM Can Help with Vulnerability Discovery: The Software Bill of Materials (SBOM) has been getting...


U.S. House Passes Supply Chain Security Bill

As part of the response to recent hacks, the United States House of Representatives voted on and passed the DHS Software Supply Chain Risk Management Act of 2021 on October 20, 2021, by a vote of 412-2. The Act covers both new and existing contracts with the Department of Homeland Security (DHS). As a Condition on the Award of Contracts: Contractors must submit a bill of materials, defined in this Act as “a list of the parts and components (whether new or reused) of an end product or service,...


FDA Seeking Additional Legislative Authorities

The United States Food and Drug Administration (US FDA) is looking for ways to compel medical device manufacturers to prioritize cybersecurity. Given the rash of ransomware attacks in healthcare, and across other industries, and the recently released Executive Order 14028, which we summarized in an earlier post, the timing seems to be right. According to an interview with Suzanne Schwartz, director of Strategic Partnerships and Technology Innovation at the FDA’s Center for Devices and Radiological...


The Minimum Elements for a Software Bill of Materials (SBOM)

Yesterday, the United States Department of Commerce released The Minimum Elements for a Software Bill of Materials (SBOM), in accordance with President Biden's Executive Order 14028 on Improving the Nation’s Cybersecurity. Those who have been following the National Telecommunications and Information Administration (NTIA) SBOM work won’t find any surprises in the release. The document thoroughly describes the SBOM, provides motivation for the SBOM as a standard security document, and makes...


NIST Workshop on Supply Chain Security

The National Institute of Standards and Technology (NIST) hosted a virtual workshop on June 2 and 3, 2021 to fulfill the Executive Order on Improving the Nation’s Cybersecurity, which we previewed in a recent post. The order was signed into law by President Biden on May 12, 2021, and includes direction to the Secretary of Commerce for consultation with various stakeholders including representatives of the private and public sectors, as well as academia. The goal of this consultation is...
