How does a flaw potentially affecting the integrity of printer management application get a “critical” severity rating and one affecting the integrity and operation of anesthesia machines get a “moderate” severity rating? It has to do with our evolving and still immature system of rating (and therefore thinking about) cyber risk.
- Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair
- Episode 153: Hacking Anesthesia Machines and Mayors say No to Ransoms
- Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines