New study shows healthcare lagging behind in software security

    Oct. 19, 2015
    Hmt Topic News1

    Cigital, a vendor of software security solutions, released data from BSIMM6 – the latest from the industry’s first and only software security measurement tool built on real-world data. BSIMM6 also marks the addition of the healthcare industry, providing healthcare organizations a critical mass of data to help them assess, compare, and contrast their software security initiative with others in the industry. The data, following on the heels of the Anthem and UCLA Health data breaches, confirm underlying issues in healthcare software security practices.

    Adding the healthcare industry deepens the BSIMM data set and provides a sharp view of the value of the BSIMM. The BSIMM data for healthcare clearly demonstrates that healthcare organizations lag in software security practices, falling significantly behind independent software vendors, financial services firms, and even consumer electronics providers. For healthcare organizations looking to address the problem, the BSIMM provides an objective measurement of an organization’s software security initiative and where these measurements fall within their industry. The data and associated context enable firms to plan a roadmap built on science to mature their software security initiative.

    “We are very proud of the growth of the BSIMM data set and of its accuracy,” says Dr. Gary McGraw, CTO, Cigital. “The addition of healthcare in BSIMM6 enriches the model and shows growing awareness of all verticals toward measuring their software security initiative. The healthcare data show that the industry has plenty to learn from other industries when it comes to software security. Fortunately, the BSIMM community is set up to facilitate and accelerate that learning.

    Dr. McGraw, along with Jacob West, Chief Architect, NetSuite, and Sammy Migues, Principal, Cigital, analyzed data collected during the past seven years of software security research

    Other highlights of the report include the top 12 activities frequently performed by the most mature software security initiatives.

    Continue Reading

    Sponsored Recommendations

    Streamline waste disposal, simplify compliance, and reduce unnecessary costs. This guide shows how MedPro helps practices cut confusion, not corners, while supporting over 40,...
    The patient experience doesn’t fall to just one department. Learn how your physical security system can improve safety and security, and help contribute to a positive patient ...
    Discover how identity data impacts patient safety, experience, and your system’s bottom line — and how Banner Health built a compelling case for change.
    Streamline waste disposal, simplify compliance, and reduce unnecessary costs. This guide shows how MedPro helps practices cut confusion, not corners, while supporting over 40,...