Fortunately OpenSSL is publishing a fix on Tuesday – OpenSSL versions 1.0.2g, 1.0.1s – to deal with the protocol flaw. Many systems are vulnerable to an attack that may be comparable with Heartbleed. “This flaw is more than a product vulnerability; it’s a protocol flaw,” according to Ivan Ristic, a software engineer and founder of SSL Labs, “The impact is significant.”
Mr. Nichols has over 25 years of experience in the Information Security and Healthcare Technology industries. Mr. Nichols leads the Global Product Security program at Danaher Corporation, representing over 30 companies, including 4 medical device manufactures and 8 life sciences companies. Focusing on security by design for Danaher’s medical devices, diagnostics, life sciences, water quality, environmental and applied solutions product portfolios. Mr. Nichols is the chairman for the Danaher Global Product Security Council and serves on the steering committee for the Medical Device Innovation Consortium (MDIC). He is a certified healthcare information security and privacy practitioner (HCISPP) and a certified HIPAA privacy security expert (CHPSE).