Educause Security Discussion mailing list archives
NIST NCCOE recommending WEP for Wireless Medical Infusion Pump Security?
From: Shawn Merdinger <shawnmer () GMAIL COM>
Date: Wed, 24 Dec 2014 11:46:22 -0500
For those working in higher education medical centers and affiliated healthcare providers like hospitals and clinics, consider reviewing and providing public comment on this draft document out of NIST NCCOE. The more the merrier, as I see it... https://nccoe.nist.gov/sites/default/files/nccoe/NCCOE_HIT-Medical-Device-Use-Case.pdf Also, consider reading some of the commentary on the scadasec mailinglist where the terms "disgrace" and "insane" are used by a SANS instructor and a USAF Captain describing some of the document's security recommendations for wireless infusion pumps -- critical medical devices delivering automated intravenous medication to patients. http://news.infracritical.com/pipermail/scadasec/2014-December/012052.html http://news.infracritical.com/pipermail/scadasec/2014-December/012060.html http://news.infracritical.com/pipermail/scadasec/2014-December/thread.html#start http://malwarejake.blogspot.com/2014/12/i-hope-i-never-need-wireless-infusion.html Cheers, --scm
Current thread:
- NIST NCCOE recommending WEP for Wireless Medical Infusion Pump Security? Shawn Merdinger (Dec 24)