Friday, July 24, 2015

Phishing and APT: Top Security Threats 2015


Posted by ,  Phishing, Security

According to 2015’s Black Hat Attendee survey, the gap between the top threats that organizations face and the areas into which investment, technology, and defensive capabilities are being built is growing.
Specific, targeted attacks and spear phishing top the list of concerns for the 460 top-level security experts surveyed for the report — and tellingly, only 26% of the same group reported that investments were being made into these areas.
Given that spear phishing and sophisticated attacks account for more than 90% of all breaches, this failure to build realtime, accurate, actionable detection and remediation capabilities is a significant problem.

Most information security teams spend the majority of their time on the least significant threats.

According to the report, “application flaws across the enterprise consume a great deal of time for the IT staff, yet are seldom considered the greatest threats.”
Underlying this point is a more fundamental one: lack of time to spend on proactive defense is one of the most significant problems facing most organizations’ information security teams. Consider Frost and Sullivan’s recent report on the state of the industry; the average team spends 85% or more of its time focused on remediating known threat.
This misalignment is a significant source of risk for these organizations, however. Patch management, internal code testing, perimeter firewalls, and cloud workload security are all critical components in a robust security stack, but targeted attacks that focus on compromising user accounts, using those credentials for east-west movement and privilege escalation, and exfiltrating sensitive data must be a focus in an effective defense in depth strategy.

Targeted attacks and spear phishing are highest risks, but rarely detected.

“Security pros are not spending their time and budget in a manner that is commensurate with their concerns about current threats.”
Even a cursory review of the breaches that have hit the news in 2015 so far reveal that without strong “left of exploit” capabilities — technology and solutions that can identify early stage attacks, when they are still at the spear phishing, account compromise, and privilege escalation stage — results in data loss.
From healthcare companies to the federal government, it is clear that traditional security solutions are necessary, but on absent early stage, proactive detection and defense, simply can’t prevent breach.
The challenge here is that the traditional solutions to this problem are equally failing to keep up with today’s threat landscape. SIEM platforms, log aggregation, and incident response can’t find these earlest-stage threat vectors — the spear phishing and account compromises that leads to full exploit, often flying under the radar of most other tools. Absent comprehensive situational awareness, it takes weeks or even months to detect and respond to data loss, if it is ever found at all.

Wednesday, July 15, 2015

Use Cases: The path to value from the Internet of Things

Use Cases: The path to value from the Internet of Things
By: Andres Rosello, Marketing Director, PTC

If you are in the business of creating, operating or servicing things you have likely seen a barrage of “billions and trillions” reports recently describing the impact of the Internet of Things (IoT) on your business.

Cisco predicts we’ll see as many as 50 billion “things” connected to the Internet by the end of this decade. That’s a four-fold increase in just six years.

GE estimates that the Industrial Internet has the potential to add $10 to $15 trillion to global GDP over the next 20 years.

However, in order to create real business value in a smart, connected world, we need to shift our focus away from these “billions and trillions” reports and identify the specific IoT use cases that enable each organizational function to transform their business processes and improve operational effectiveness or create strategic differentiation.

While some organizations have started to create tremendous value from the IoT, data shows that the majority of organizations are still struggling to get started. IDC research found that while 66% of Discrete Manufacturers and 67% of Process Manufacturers are actively pursuing IoT initiatives, less than half (40%) of those Discrete Manufacturers and only about half (55%) of those Process Manufacturers have even begun a pilot.

Why the delay? Organizations struggle to define and prioritize IoT use cases and develop a business case to fund initial investment.

To help overcome these challenges we have defined the top 26 IoT use cases based on hundreds of customer interactions, and organized them by the business function or stakeholder they benefit.

To learn more about each of the top 26 IoT use cases, visit

Thursday, July 9, 2015

Uncover the Value in the Internet of Things: Getting ROI from IoT

Uncover the Value in the Internet of Things: Getting ROI from IoT
Melissa DiEgidio, PTC

Smart, connected products and the Internet of Things (IoT) are changing how value is created for customers, how companies differentiate their products and services, and the industry boundaries across which companies compete.
During the recent LiveWorx event in Boston, a panel of Industrial Internet Consortium (IIC) members addressed the value within IoT.
“There’s a lot of hype around IoT, said panel member Syed Hoda, CMO at ParStream, which offers an analytics platform. “But there are some things that are actually real-life, places where you can monetize it and customers like it,” he said.
Yet, a recent ParStream survey of early IoT adopters found that measuring ROI is a challenge. “Only one-third of companies had metrics, and about another one-third said they didn’t know how to measure it,” Hoda said.
“A lot of companies are just trying to learn,” Hoda said. But the companies with the best ROI were also the best at collecting and acting on data to generate value quickly, he said.
EMC’s Wayne Adams agreed that many companies struggle with where to start. It’s not as simple as taking information from sensors and benchmarking data, said Adams, senior technologist and director of standards at the company.
“It’s not just about the data. It’s about knowing what to match additional information to before you can do analytics.” Many companies find that the value in data from connected products is exponentially enhanced when combined with data from other sources, for example enterprise systems data from CRM, ERP or PLM systems.  
The challenges IoT bring are not just confined to the question of how to collect and analyze the data generated from connected products. There’s the question of how to define and communicate the value.
Allan Alter, senior research fellow with consulting group Accenture, said the first step is to understand what your customer wants.
“Thinking about the customer is where it all starts,” he said. Companies must be able to clearly define and articulate the value proposition for customers and internal stakeholders in order to succeed. 

Want to hear more from the ICC panel “Getting from IoT to ROI: A Panel Discussion on the Business Side of the Industrial Internet” watch the LiveWorx replay today

Tuesday, July 7, 2015

12 Failure Modes of an Agile Transformation

Posted by Jean Tabaka in Agile

The year? 2015. The setting? An Agile transformation near you. The problem? You’ve hit a wall. Despite all your best intentions, you’re still not getting those promised benefits of Agile: speed, quality, value, sustainable growth across your organization. And your problems don’t stop there. You aren’t responding to market threats; you can’t even see market threats; you’re unable to retain great employees; you’re not an industry showcase. In the end, your Agile transformation has brought cynicism and distrust.
You may have heard me talk about “12 Agile Adoption Failure Modes” that concentrated on agile failure in the context of IT teams. Given the expanded adoption of Agile practices in organizations beyond the IT group, the threat of failure is now farther-reaching, with bigger impact.
Now it’s imperative that we look not just at Agile adoption, but at Agile transformation — where organizations move beyond Agile principles within their IT groups to business agility. To accomplish this, we transform from just doing Agile to being Agile.
Over the next few weeks I’ll share with you the top 12 failure modes of an Agile transformation that I’m witnessing in my work with organizations around the globe. The first three center around LEADERSHIP.

1. Lack of Executive Sponsorship

 photo via Flickr CC

This failure mode evidences itself in several different ways and ultimately, it warrants its spot as the number one failure mode and drives all the other failure modes. Also known as “buzzword buy-in,” a lack of executive sponsorship can come at you from two directions
Imagine a small group of techies eager to adopt Agile in their team. With no executive sponsorship, they perform in a stealth environment — sort of a “skunkworks” adoption — under the radar of the existing organizational structure. Why? Because they’re hiding from the hierarchy of management (see the second failure mode, below) which could shut down their effort, and evading the current gate-driven approach to product delivery. While the project may gain some momentum, deliver value faster, and stir the souls of those involved, its sustainability is improbable. Lack of executive sponsorship will limit visibility into the team’s success and provide insufficient support for adoption across subsequent teams. Agile adopted this way will likely die.
In our second scenario, an executive decrees a switch to Agile delivery across the entire IT organization, but there’s no real follow-through: it’s simply a “checkbook commitment.” The executive demands immediate results, yet doesn’t change the metrics by which success is measured. Unengaged, the executive proclamation for an Agile adoption will never move to a true business transformation. At best, without the executive’s continued engagement, the organization will only have pockets of Agile success, typically limited to the team level. The organization will probably grow to blame Agile (and each other) for decreased quality and productivity. And the executive’s resignation letter will conveniently not include the word “Agile” in its summary of successes.
How do we prevent this failure? Leaders must accept that a successful transformation is a journey. Along this journey, leaders seek guidance for a transformation with a broad, sustainable impact. As part of the transformation they make a personal commitment to their teams, and in turn they recognize the personal commitment they are asking of their employees. Executives commit to measuring success differently from before, because the work is different from before. Success now favors value delivery, and time for learning is built into the transformation. Ultimately, success is celebrated across the organization and setbacks are seen not as failures or cause for blame, but as opportunities for learning and growth.

2. Failure to Transform Leader Behaviors

Isn’t it great to have managers who just get things done? They know the right actions to achieve success; they direct their teams to perform these actions; and they have the power to control all aspects of the work and do whatever it takes to get it done.


Let’s pull this apart a little. When a manager tells the team what to do, there’s a false sense of success via control. When a manager powers through difficult circumstances regardless of the impact on the team, they leave the wisdom and the morale of the team behind.
 photo via Flickr Commons
Such a management style is a classic Agile transformation failure mode. All the team-level Agile practices in the world mean nothing if the manager doesn’t embrace a behavior that is more in service to the team than control of the team. Robert Greenleaf’s work identifies the characteristics of what he calls a “servant leader”: one who serves by leading, and leads by serving. An Agile transformation success story hinges on the ability of the leaders in the organization to take on these characteristics:
  • Systematic neglect: knows the limits of how much focus can be allocated to issues; learns what to focus on and what to let go of in order to support the team and achieve goals effectively
  • Acceptance: knows when to let go and trust the instincts of the team; accepts the wisdom of the team and is prepared to support it
  • Listening: facilitates useful and necessary communication, pays attention to what remains unspoken, and is motivated to actively hear what others are saying
  • Language: speaks effectively and non-destructively; clearly and consistently articulates the vision and goals for the team
  • Values: is responsible for building a personal sense of values that are clearly exhibited through consistent actions; supports team behaviors that build their sense of values
  • Tolerance of imperfection: modulates his or her own sense of perfection and offers to each team member an understanding of their strengths and challenges; cares more about “How can I help the team grow?”
  • Goal setting: owns the vision; doesn’t advocate for a personal belief in what is right but rather maintains the goal for a higher purpose, inviting others to align with the vision for the overall good
  • Personal growth: recognizes the value of continually finding diverse disciplines that invite new ways of acting in service to the team, and models this growth behavior to inspire others
  • Withdrawal: knows when to step back and allow the team to figure out its course, versus inflicting a personal sense of what is right for the team; carefully decides what to bring forward and when

3. No Change to the Organizational Infrastructure

What is your current organizational structure? How many layers of management exist around each Agile team? How is governance perceived, and who is ready to break down walls to make sure that value flows through your organization?
 photo via Flickr CC
Failed Agile transformations suffer from an inability to change the existing organizational structure. What do I mean by this? Typical organizations have been set up for sub-optimization: that is, they measure success by departmental performance, versus overall value delivery. Here’s what that looks like: In the book This Is Lean, authors Niklas Modig and Par Ahlstrom depict a soccer field scattered with teams, each one in its own tent. Success is defined as any one team getting the ball out of its tent. But is that really success overall? In this scenario, as in our traditional organizations, we create accidental adversaries. We limit visibility of the organization’s overall effectiveness, and focus on our team’s success at the expense of success for the organization.

True Agile transformations push the boundaries of these existing organizational hierarchies. In the soccer field metaphor, we remove the tents. Now everyone can see where the ball is, where everyone else is, where the goal is positioned, what the referee is indicating, what the coach is saying, and what the scoreboard says. In your effective Agile transformation, you know what the true value is, you know who needs to be involved in order for the value to be delivered, and everyone associated with the value delivery has visibility into the current state of the value stream, including its blocks. They see the goal as successful delivery of value to the customer, and they coordinate as a whole to deliver that value.
Here’s another symptom that your organizational infrastructure is crippling your Agile transformation: Does your organization cling to a notion of efficiency based on resource usage — believing that loading people to 100% capacity is the best way to get work done, and then measuring people annually by how well they deliver in this fully-loaded mode?
To incent greater collaboration and communication, you need to revisit how you appraise work. Instead of annually, by individual, 100% utilized, with MBOs set 12 months earlier, you should invite frequent feedback; focus more on team effectiveness; and bias performance appraisal toward efficiency of value flow versus efficiency of workers.
If you’re not feeling the discomfort change brings, you aren’t truly transforming. If your transformation isn’t requiring you to invest in the technology and culture to support a new mode of visibility and collaboration, you aren’t truly transforming. If you’re adopting some Agile practices at the project level without looking at the bigger picture, your Agile transformation is poised for failure. And Agile, not the failure to transform the organization, will get the blame.

Friday, June 19, 2015

Robotics Cluster meeting hosted by WPI

Our June 2015 Robotics Cluster meeting was attended by 35+ MTLC members at the oldest building in the United States still used for engineering education, Washburn Shops and Stoddard Laboratories at WPI in Worcester.  We learned all about the history and objectives of the DARPA Robotics Challenge.  Mike Gennert and Ta┼čkin Padir discussed their system architecture and Team WPI-CMU’s progression through the various phases of the challenge to the most recent competition. They described working on – and with! – WARNER (their Boston Dynamics Atlas robot) to perform the competition’s tasks. Holly Yanco spoke about initial impressions of the human-robot interaction, giving a control room perspective of the competition.  Congratulations to Team WPI-CMU for their impressive achievement!

Enjoy this fun YouTube video of “falls” during the DARPA Grand Challenge (note WARNER is not part of this video):

Velin Dimitrov, a PhD Candidate at WPI, presented two WPI projects:  WALRUS, a Water And Land Remote Unmanned Search Rover, and CARE, Cyber-Physical Systems for Advanced Response to Epidemics.

We were then treated to a tour of some of the robotics labs on campus.

Warner – JUST returned from Pomona, CA after the DARPA Robotics Challenge – still in his crate!

Tye Brady holds Warner’s hand – with Mike Gennert
Robotics Cluster Women: Lenore Rasmussen, Founder of Ras Labs, Jill Wittels, CEO of Sostenuto Strategic Advisors, Kathleen Hagan, President of Hagan & Company

Wednesday, June 17, 2015

RoboInnovation Panel

Representatives from various Robotics Innovation Initiatives and Test facilities discussed the path forward for Robotics in Massachusetts during the Devens Robotica event.

Our intellectual capital in the region is beyond compare and our entrepreneurship is thriving – put that with MassRobotics, NERVE Center, Joint Base Cape Cod and Devens IOP – what do you get?  The Robotics capital of the world!!  Where else would you rather be?

Left to right:  Tye Brady -  Draper Laboratory & co-founder of MassRobotics, Adam Norton – Manager of the NERVE Center, Joyce Sidopoulos – MassTLC Robotics Cluster Manager, Jose Vazquez - President at Avwatch providing services to JBCC, Richard Kelley – co-founder of Devens IOP

Wednesday, June 10, 2015

Spear Phishing Detection Matters: The Anthem Data Breach

By: Kevin O'Brien of GreatHorn


Spear Phishing Detection: Why Machine Learning Is The Answer

A key lesson to take away from the Anthem data breach is that organizations need to recognize that simply throwing a SIEM or log aggregation tool and an IDS into their infrastructure is not sufficient. Consider how the Anthem data breach worked:
Robots are better at catching phish.
  • A group of Chinese Hackers, dubbed “Deep Panda” by Crowdstrike, registered a domain ( that was designed to look like Anthem’s corporate domain prior to Q4 2014 (
  • A number of subdomains, including and, were also tied to the suspicious domain; trojan-horse style malware was installed on these domains.
  • The malware, masquerading as “CITRIX Access Gateway Secure Input”, was digitally signed with a certificate owned by DTOPTOOLZ Co., who are associated with the Deep Panda group
  • Spear phishing attacks sourced from the number-substituted were used to propagate the malware throughout Anthem
  • The compromised accounts were used in a classic escalation of privileges and subsequent data exfiltration scheme

The Case for Predictive Analytics

This is a depressingly standard attack — and it works, repeatedly, for three basic reasons:
  1. Users are a weak link: As busy as most people are, the difference between and is apt to go unnoticed, especially if the resulting site looks and operates as expected
  2. Information security analysts are buried in alerts: Even when good monitoring software exists, it’s unlikely that the average infosec team (or worse, IT or DevOps team who have had security thrown onto their already overloaded plates) will see and respond to minor domain name changes
  3. Attacks that take place over long periods of time fly under the radar:
  4. Time to detection for the average attack is measured in weeks and months; attackers can get into an environment in minutes or hours. If they are patient — and most government sponsored or large criminal syndicates can afford to be — they can spread the attack out over a long enough timeline to not be noticed.

Reducing Time to Detection and Response

The measurement of good security (in light of this type of sophisticated attack) should be time to detection and time to response. Based on Verizon’s 2015 Data Breach Investigations Report (well worth reading), however, these two key performance indicators are both trending in exactly the wrong direction:
Time to detection and response matter.
The good news is that even modest staffed information security teams can be given the means to change this trend. Machine learning and predictive analytics tools are capable of seeing threats that human users miss, manage even vast quantities of alert data, and identify trends across long timeframes.
It’s clear that something need to change; intercepting spear phishing attacks, recognizing and interrupting early indicators of intrusion, and protecting your organizations’s critical data is well within reach. Want to see for yourself? Request a free trial of the GreatHorn predictive security platform today, and don’t become the next Anthem.

Tuesday, June 9, 2015

Internet of Things Conference: How Smart, Connected Things Will Change Your Business

June 3, 2015

Last Wednesday nearly two hundred people from the MA region came together to share insights on the need to rethink strategies, operations, processes, and technologies when embarking on the internet of things (IoT).

Delivered by John Clippinger, Research Scientist at the MIT Media Lab Human Dynamics Group and Executive Director and CEO of ID3, the keynote address highlighted the transformative way in which devices have taken the place of people as primary observers and data gatherers.

Opportunistically, this enables multiple sources to collect and analyze data providing user experiences and which can have a hugely positive effect on organizations’ bottom lines. And as machines get smarter, the experiences continue to get better.

Yet while the technological capabilities continue to grow, so does the need for defining data ownership, governance, and authentication measures. And understanding that the antiquated regulations and processes must be updated to address our current and future needs.

As Clippinger stated “we are creating new classes of assets” and those all need to be controlled. From the smart televisions in your home collecting data about your TV habits to your cars collecting data about your driving behaviors. This data – your data – is owned by the provider. And you, the consumer, must balance these improved experiences with your sharing your personal data.

Clippinger wrapped his talk with a set of autonomous governance technologies that must be considered when multiple devices are collecting data on multiple stakeholders, across many borders, and a number of owners, including:
  •         Governance without Government
  •         Authorization without Authorities
  •         Regulation with Regulators
  •         Adjudication and Sanction without Lawyers and Judges
  •         Polis without Politicians
  •         Auditing without Auditors

John Clippinger Presentation

Following the keynote, we had a number of sessions that took deeper dives into different aspects of business strategies, regulatory bodies, data infrastructure and architects, and security.

In a panel that included Michael Munsey of Dassault Systemes, Andy Thurai of IBM, Rob Purser of Mathworks, Howard Heppelmann of PTC, and led by Chris Rezendes of INEX Advisors provided their experiences in redefining how strategic processes are created and implemented.

Asked how each defined IoT in their own views the panelists talked about better products and experiences, enjoying the benefit of having better insights and interactions into the world that never existed before, and understanding that the value derived is for themselves, their customers, and ultimately their customers’ customers.

Heppelmann expressed how IoT has changed the shape of business in that the conversations are happening at the CEO level as they flow back to engineering, sales and marketing, and every aspect and department within a company. Munsey followed that up with the huge capital investment that is going to be required, and the multitude of infrastructure providers that are gambling their futures on supporting IoT infrastructures.

Similarly to a data science team, embarking on IoT will require a variety of people across the organization each with different skill sets to build and manage a connected product. Thurai furthered this point by stating that often it is the CMO or others who want to drive business value and revenue funding these products.

Dassault Systemes Case Example

Mathworks Case Example 

The next panel, What Big Data Will Require in an IoT World, moderated by Paul Barth from Podium Data, included Kris Alexander from Akamai, Chris Baker from Dyn, and Pavandeep Kalra from Microsoft.

Alexander talked about how the entire model of big data has been inverted with IoT, whereas the internet has been geared to send massive amounts of large data sets out, but connected devices are now sending massive amounts of small data sets back in.

Kalra who focuses much of his work on machine learning, talked about how more and more there will be a marketplace of machine learning APIs which you can leverage. He also talked about pushing everything to the cloud and then testing in that type of safer environment before making any operational changes.

Baker talked about the importance of obtaining the right information and putting that back into the device to continue to learn and redeploy. Baker also said that having a firm understanding of timing when collecting and redeploying data, such as a pace maker, is the most important component of an IoT product.

Our next session was a fireside chat style discussion between Niko Pipaloff of PwC and Said Tabet of EMC, who was there on behalf of the Industrial Internet Consortium (IIC).

Tabet talked about the IIC’s mission, which is to take IoT forward. Just a year old, the IIC has already amassed 170 member companies and is currently running 6 test beds across the globe to help develop the use cases that companies can use as an example of how to bring the physical and digital worlds together. .  The IIC’s test beds can leverage use cases to build the requirements for the future.

Pipaloff spoke of the benefit of having already proven that working together and offering open standards at with the creation of internet over two decades before will help us.

They concluded the discussion by reiterating that IoT is massive and it’s here already and that a number of small organizations must all come and work together to create the standards and regulations

As the Value of Data panel got underway, it was very clear that it really is all about the data. But what this stellar group talked about was how to understand what data you need and why.

According to Rob Patterson from ColdLight, 9 out of 10 companies coming out of academia are based on artificial intelligence technology - highly data intensive. Combining the AI with machine learning and skilled talent, the intelligence gained can be enormous.

Don Schuerman from Pegasystems, talked about the best insights coming from multiple devices connected to each other to discover external drivers and changing the outcomes.

Subu Ramasamy from Philips Lighting talked through a number of case studies in which creating connected lighting could provide efficiencies through measuring occupancy rates, not just in energy consumption, but also in cleaning or stocking particular offices based on use. He went on to say, customers are not looking for technologies they are looking for services.

When probed by the moderator, Jeff Kaplan of THINKstrategies, the panel members all agreed challenges were around the complexities surrounding the variety of data sources and sets as well as the the limited talent that exists today.

The conference closed on perhaps the most important topic of the day, security. Editor in Chief of Security Ledger, Paul Roberts facilitated a discussion between Brandon Creighton of Veracode and Paddy Srinivasan of Xively by LogMeIn.

The panelists talked about the first step – identifying there is a very real problem. And they stressed that today we are in a world where every vertical now needs to have an information security mindset, but unfortunately that is not the case.

Srinivasan and Creighton spend a great deal of time talking with their customers about what risks exist in products that do not have operating systems.

Srinivasan went on to suggest that he urges customers to follow a multi-step process that includes: uniquely identify each connected device, then securing the information that is coming from the device to the cloud. And once the device and communication are secured, there is then a need to secure and ID the data and assign permissions and actors to that data.

Creighton concludes his remarks with stressing that until there are established protocols for IoT, to have have your engineers do security training, understand what the basic code mistakes are, and then retain security experts to review the architecture and communications networks. And the most important thing is to do this during the development, not as an add-on.

Thank to our Platinum Sponsors: Mathworks, PTC, and PwC

Tuesday, June 2, 2015

Robotics Cluster meeting hosted by Harvest Automation: May 28, 2015

Our May 2015 Robotics Cluster meeting was attended by 40+ MTLC members, standing room only!  After “around the room introductions”, as is customary at our meetings, Josh Lessing gave us a look at Soft Robotics, taking Harvard research to soft grippers with their first sale just THIS month!  He spoke of understanding the customer need, solving their problem, and their process – stressing the importance of balancing adaptability, complexity and cost.
Tye Brady, Distinguished Member of Technical Staff at Draper Laboratory, discussed his findings and recommendations for enabling UAS growth within Massachusetts a result of the MAAVRIC (Massachusetts Autonomous Air Vehicle Research and Innovation Consortium) study completed earlier this year.
Soft Robotics demo box

                        Kenn Sebesta with CyPhy’s LVL 1 Drone                       

Charlie Grinnell, Founder & COO of Harvest Automation gave a brief history of the company and new growth areas they are pursuing.  We later received a tour of their ecommerce test site and a live demonstration.
There was no shortage of live demonstrations during this meeting.  We were treated by Kenn Sebesta to a demonstration of Cy Phy’s LVL 1 Drone – which Kenn flew indoors:  <  click here 1 >  This project has almost doubled its funding goal with Kickstarter and will be funded on 18 June 2015.
After a long networking break, many in the group ventured over to the Harvest warehousing test site to watch the TM-100 in action.  This is a distribution/fulfillment robot available for purchase next Spring 2016.  See this bot in action <  click here 2 >

Friday, May 29, 2015

The State of Cybersecurity and Healthcare

By: Thomas Smolinsky of Navinet

The healthcare industry has certainly become a desirable target among the advanced hacker population. I’m not the only one who recognizes this. At HIMSS15 this year in Chicago, healthcare IT professionals gathered to discuss the hottest topics impacting health IT. This year, patient privacy and data security made the top of the list. This was evident with the event’s new Cybersecurity Command Center that featured breakout sessions, demos, and talks focused on how to improve cybersecurity in healthcare. CIOs and technology professionals alike have banded together since the conference to discuss new, innovative ways to tackle these new cybersecurity threats.