News and Events

September 15, 2017

Smiths Medical is scrambling to address cybersecurity risks involving its wireless infusion pump, a type of device that is particularly vulnerable to attack. Earlier this year the National Cybersecurity Center of Excellence (NCCoE) released a draft version of practice guides specific to wireless infusion pumps.

September 05, 2017

NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are co-hosting the 10th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, at the Hyatt Regency, Washington, D.C. The conference will explore the current healthcare cybersecurity landscape and the (HIPAA) Security Rule. The NCCoE will provide updates on its Healthcare sector projects in two presentations. 

August 08, 2017

“The latest variation on a theme regarding this threat is what can appropriately be called a ransomworm,” said Rich Curtiss, managing consultant at Clearwater Compliance, a former hospital CIO, and liaison for cybersecurity vulnerability projects with the National Cybersecurity Center of Excellence. “This is a combination of two types of malware, ransomware and a worm. While we have become all too familiar with ransomware in the healthcare sector, we have ignored other forms of malware.”

June 27, 2017

NCCoE Director of Operations Tim McBride will speak at Cyber Hygiene for the Health Sector on Tuesday, June 27 from 8am-9:30am EST at Launch Workplaces (9841 Washingtonian Blvd Ste 200, Gaithersburg, MD 20878). Do you worry about the security of your organizations data, your customer's data, or the potential impacts of a cyber attack on your organization? McBride will join speakers Denise Anderson, President, National Health Information Sharing and Analysis Center (NH-ISAC) and Kevin Crain, CISO, UMD Health System to examine the need for good cyber hygiene in healthcare sector organizations.

June 27, 2017

One of the final frontiers of medicine is using technology to solve problems medication and traditional surgery cannot. Implantable medical devices help regulate heart rhythms, steady the tremors of Parkinson's patients, and deliver insulin. But how susceptible are they to getting hacked?

June 02, 2017

The recent Ransomware event has focused attention on the fragile state of information systems across the globe. Unfortunately, it is not because the malicious actors are leveraging advanced technology or unique exploits. It is caused by a breakdown in the day-to-day maintenance of the information technology resources which are so inextricably linked to our everyday lives. No individual industry is more affected by the form of malicious software (“Malware”) known as Ransomware than the healthcare industry. 

May 19, 2017

Earlier this month, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) published a set of best practices and guidance on how to protect against threats to wireless infusion pumps. The guide, which is primarily intended as a “how-to” for professionals implementing security solutions, was developed following collaboration with healthcare stakeholders, technology vendors, and cybersecurity vendors.

May 11, 2017

The National Institute of Standards and Technology (NIST), in collaboration with the National Cybersecurity Center of Excellence (NCCoE), has released new guidance for healthcare delivery organizations on securing wireless infusion pumps to prevent unauthorized access.

May 11, 2017

New draft guidance from the National Institute of Standards and Technology calls for using commercially available, standards-based technologies to improve the security of wireless infusion pumps.

May 11, 2017

The National Institute of Standards and Technology (NIST), in collaboration with the healthcare community and manufacturers, has released draft guidelines designed to help healthcare delivery organizations improve wireless infusion pump cybersecurity.

May 10, 2017

Pointing to a growing number of wireless infusion pumps entering the market, the National Institute of Standards and Technology (NIST) has released draft guidelines for healthcare systems to address cybersecurity threats.

May 10, 2017

The National Institute of Standards and Technology has released for public comment draft guidance on protecting medical devices that deliver fluids and medications to patients – infusion pumps – from cyber attacks.

May 10, 2017

On May 8, 2017, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence (NCCoE), released a new draft NIST Cybersecurity Practice Guide (SP 1800-8) entitled “Securing Wireless Infusion Pumps in Healthcare Delivery Organizations.” 

May 10, 2017

The vulnerabilities of wireless medical infusion pumps (WMIP), are numerous according to NIST published report. Let’s explore accountability. Who is actually responsible for managing, maintaining and controlling wireless infusion pumps?

May 09, 2017

The National Cybersecurity Center of Excellence (NCCoE) recently released a draft of the NIST Cybersecurity Practice Guide, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations, to help improve medical device security. NCCoE collaborated with the Technological Leadership Institute at the University of Minnesota to ensure that wireless medical infusion pumps are properly secured.

May 09, 2017

The National Institute of Standards and Technology (NIST) National Center for Cybersecurity Excellence (NCCOE) has released it’s latest draft medical device related security document, entitled ‘NIST Special Publication 1800-8 Cybersecurity Special Publication 1800-8 Securing Wireless Infusion Pumps – In Healthcare Delivery Organizations‘. Authored by Gavin O’Brien, Sallie Edwards, Kevin Littlefield, Neil McNab, Sue Wang and Kangmin Zheng – the document is available as either a PDF or web-based artifact. 

May 05, 2017

As the world rapidly embraces the Internet of Things, properly securing medical devices has grown challenging for most healthcare delivery organizations (HDOs). That’s because medical devices, such as infusion pumps, have evolved from standalone instruments that interacted only with the patient and a medical provider into devices that now connect wirelessly to a variety of systems, networks, and other platforms to enhance patient care, as part of the broader Internet of Medical Things (IoMT). As a result, cybersecurity risks have risen. Wireless infusion pump ecosystems, which include the pump, the network, and the data stored in and on a pump, face a range of potential threats, such as unauthorized access to protected health information (PHI), changes to prescribed drug doses, and...

April 20, 2017

Gavin O'Brien will be a keynote speaker at ACT-IAC's 2017 Mobile Health Forum at the Renaissance Washington in Washington, DC. This forum will explore the role over privacy and security in shaping the future of mobile health technology

February 19, 2017

The NCCoE will be participating with NIST at the 2017 Healthcare Information and Management Systems Society (HIMSS) Annual Conference & Exhibition at the Orange County Convention Center in Orlando, Fl.  for additional information on presentations, demonstration times, and exhibition location. 

February 09, 2017

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute for Standards and Technology (NIST), will demonstrate its current projects in San Francisco Feb. 13-17 at the RSA Conference and Orlando Feb 19-23 at the Healthcare Information and Management Systems Society Annual Conference & Exhibition (HIMSS17).

Individuals and organizations interested in learning more about the NCCoE’s work and how they can participate are encouraged to visit the booth and attend the presentations and demonstrations listed below.

RSA Conference: February 13-17, 2017