Tom Mangan

Health care organizations are slowly waking up to a troubling new reality: Criminals increasingly see web applications as a promising path to lucrative patient records. Why are web apps so tempting?

Because they can often be breached without setting off intrusion-detection alarms or getting flagged by anti-virus software.

Read on to learn more about the health care web-application ecosystem and potential HIPAA audit concerns. This playbook will outline potentialvulnerabilities and offer guidance on securing health care apps to prevent expensive data breaches.

Forensic engineering occasionally requires explaining phenomena that seem to defy the laws of nature. Such was the case recently when CTL Engineering was hired to figure out how an apartment’s bathroom shower apparently turned itself on—causing considerable mold, mildew, and moisture damage.

How could a shower turn itself on?

The case involved a brand-new apartment that had never been rented or otherwise occupied. It had never even been entered in the eight months since its final construction inspection. Eventually, a maintenance worker entered the apartment on a routine inspection and noticed something unexpected: black splotches discoloring the walls and ceiling.

Intruders love to attack web applications. Why? Because lots of web apps are designed to do a specific job quickly and efficiently — and start paying off as soon as possible.

The sad truth is that too many times, security takes a back seat in the get-it-up-now world of web app development, especially when we’re talking about custom code rather than commercial software. Hackers know this, so they do everything they can to exploit vulnerabilities in web apps.

A web application exposes your network to the public internet. If you don’t harden your web apps, you’re basically leaving the front door unlocked and inviting the world in. The world is full of great people, of course, but often the ones who want into your network are precisely the ones you want to keep out.

The security picture just keeps getting worse for businesses as cybercriminals resort to ever-more devious means to extort businesses with ransomware and steal valuable data to sell on the black market.

As the security blog Ride the Lightning reported, the 2017 IBM X-Force Threat Intelligence Index found that records compromised surged 566 percent from 600 million in 2015 to over 4 billion in in 2016.

That surge created a glut of stolen structured data like names, addresses, phone numbers, and other data that’s easy to categorize, according to IBM. With the oversupply undermining the value of structured data, cybercriminals had an incentive to sift for more precious gems in unstructured data like emails, source code, internal reports, and intellectual property.

Nobody wants to experience downtime due to a natural disaster, cyberattack, or some other unforeseen failure. Today’s economy has become so dependent on data that losing crucial IT resources for hours can damage a company’s reputation and bottom line.

That’s why Disaster Recovery-as-a-Service (DRaaS) has become such a fast-growing industry sector. DRaaS providers make the most of cloud technologies to supply real-time failover that ensures your critical applications are always available, even if your production environment experiences an incident or outage.

The question is, which DRaaS provider should you partner with? Of course, everything depends on your company’s unique business and IT needs, but there are at least four questions you should ask DRaaS providers to help narrow down your choices.

If you know you have HIV, you should tell your sex partners before doing the deed.

That’s just the right thing to do.

But HIV criminalization takes this to the extreme: More than half of U.S. states have laws that can put you prison for years if you know your HIV status and don’t tell it to a sex partner.

This is bad news for doctors and nurses, because HIV criminalization discourages people from getting tested. If you don’t know your HIV status, you can’t be prosecuted under mandatory-disclosure laws.

It’s not hard to put two and two together: “If I don’t know my status, they can’t put me in prison.” And that means people won’t get tested because they’re afraid of going to jail.

The attack happened on a Sunday, when few people were around. Hackers apparently based in Russia broke into the computer systems of a St. Louis metro-area charter school system, encrypted all its files, deleted on-site backups, and demanded a ransom paid in bitcoins, the cyber currency.

The school system became the latest victim of the scourge of ransomware, a rising threat in which criminal hackers invade computers or networks, encrypt everything and try to extort a ransom for their victims in exchange for putting their systems back online.

Scientists are gathering immense databases exploring how our genes influence our health. And even more data is coming from wearable devices and app-enabled smartphones.

Sooner than we may expect, gene science, big data and wearable technologies will converge to forever change the way we prevent, predict, diagnose and treat diseases.

“I think we're going to see an explosion of all kinds of data that will help manage people's health and predict medicines they should use at a level that's never been done before,” says Michael Snyder, PhD, Professor and Chair of Genetics and Director of the Stanford Center for Genomics and Personalized Medicine.

The Positive Peers project consists of a smartphone app, social media campaign and blog packed with information serving HIV-positive people living in high-risk communities.

The Stanford Engineering Heroes program recognizes the achievements of Stanford engineers who have profoundly advanced the course of human, social and economic progress through engineering.

Because engineers often work behind the scenes, the Heroes program's objective is to highlight the profound effect engineering has on our everyday lives and to inspire the next generation of engineers.

Thirty-two engineers – selected from among alumni and former faculty by a panel of distinguished subject-matter experts and technology historians – have been named as Heroes since the program began in 2010.

The future of the offshore wind market depends on where you’re standing.

> In Europe, the offshore wind market is so well established that new generations of equipment are replacing obsolete machinery.

> In North America, the industry is so new that it exists largely on the drawing boards of offshore-wind developers.

> In Asia, it’s somewhere in the middle as China ramps up its offshore wind capacity.

Gravity from the sun and moon tugs at the surface of our oceans, creating tides that move massive quantities of water across broad expanses of shoreline twice a day. All that moving water produces kinetic energy we can convert into electrical power.

Though all of the earth’s continents have shorelines and tides, we haven’t done much with all that energy.

Tidal energy has several key advantages that must be weighted against important drawbacks.

A genome is essentially a database of a living thing — which makes translating this precise information a powerful approach for guiding drug development and bringing treatments to market faster.

It’s a fundamental of science that today’s failures are stepping stones to tomorrow’s successes.

But that tends to get lost when clinical trial failures hit the headlines. Stock prices take a hit, investors demand answers and patients’ hopes diminish.

Fortunately, drug developers have new tools to reduce the likelihood of clinical trial failures, thanks to the emerging field of data science.