Down The Security Rabbithole

St. Jude, MedSec and the FDA FDA, St. Jude go through disclosure/fix cycle No mention of MedSec - interesting for discussion; did they have an impact? St. Jude does a fairly great job of notification, updating “Benefits outweigh the risks”... that’s a big statement http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm535843.htm http://www.businesswire.com/news/home/20170109005921/en/St.-Jude-Medical-Announces-Cybersecurity-Updates http://www.medsec.com/entries/stj-lawsuit-response.html http://podcast.developsec.com/ep-56-security-contacts   New York financial regulator to delay cyber security rules Originally supposed to go into effect Jan 1.. New Date is March 1 We discussed in passing in a previous episode There are final adjustments being made, of course http://www.reuters.com/article/us-cyber-new-york-idUSKBN14A224   Massachusetts makes data breach reports available online http://turnto10.com/news/local/massachusetts-makes-data-breach-reports-available-online-01-04-2017 Seems less like a