Buggy software is insecure software

Digital health software is like a favela — great UX, layers of challenging complexity under the hood

Business Threat Modeling

Abstract

  1. Security assessment of complex software systems
  2. Quantitative evaluation and financial justification for security countermeasures
  3. Explicit communications between developers and security
  4. Sustain continuous risk reduction

The problem: Defective systems are insecure systems

Email security and human weakness are not the issue

Why don’t digital health organizations do more to improve their production software quality?

The need to understand operational risk of information security

The objective: cost-effective system defect reduction for digital health

  1. Use a risk analysis process that is suitable for production software systems. Collect data from all levels in the organization that touch the production system and classify defects for risk mitigation according to standard vulnerability and problem types.
  2. Provide executives with financial justification for defect reduction.
    Quantify the risk in terms of assets, software vulnerabilities, and the organization’s current threats.
  3. Require the development and IT security teams to start talking.
    Explicit communications between software developers and IT security can be facilitated by an online knowledge base and ticketing tool that provide an updated picture of well-known defects and security events.

Security assessment of complex software (Tenet #1)

There are no rules — anyone can play

The risk analysis loop — chaos is ok in the process

1. Set scope — stay focused and do less

Set scope for your work — be focused

2. Identify business assets

Identify your business assets

3. Identify software components

Break down your system into bite-size pieces

4. Classify the software vulnerabilities

Quantify your vulnerabilities

5. Build the threat model

Build the threat model

6. Build the risk-mitigation plan

Prioritize risk mitigation with money and depth of damage reduction

7. Validate findings — more eyeballs are better

Quantitative evaluation and financial justification (Tenet #2)

Customer case study — digital transformation of a legacy healthcare system

Risk summary in dollar terms

Explicit communications between developers and security (Tenet #3)

Using Slack and GitHub for digital health risk management

Sustaining CONTINUOUS risk reduction

Training a team that can sustain quality

Improving best practices in the software development life cycle


I am a physicist by training, serious amateur musician and everyday biker. Working in cybersecurity and AI-driven monitoring of clinical trials.

Danny Lieberman
