The Federal Times, which also has a recently refreshed website which the FEHBlog dislikes, reports on Congress reaction to the OPM data breach. Nextgov.com reports that the Government’s $3 billion Einstein 3.0 anti-hacking program did not prevent breach even though it was installed on the Interior Department’s shared services network.
The tool only looks at the traffic coming into the network as it traverses the Internet service provider, said Ron Gula, chief executive officer of Tenable Network Security, a major contractor for agencies that perform continuous monitoring. DHS is offering all agencies sensors, consulting services and other network surveillance tools under a $6 billion contract.
“The fact that EINSTEIN saw the attack or observed the network traffic from a long time ago is different from the fact that it was recognized as an attack only recently,” he said. Essentially, EINSTEIN cannot act as a real-time detection system unless it knows the specific malware exists in the world.
“At the end of the day, I actually give the federal government high marks for detecting this and reporting it,” Gula said. “It was caught relatively quickly. The reality is, you are not going to keep out all intruders. It’s not a reasonable expectation in today’s day and age.”
If the FEHBlog managed Einstein’s estate, he would be asking that Einstein’s name be taken off this software. NPR posted an interview of several information security executives about the OPM breach. Here is the concluding snippet:
SHAHANI: OPM is offering victims 18 months of free credit monitoring and cyber-insurance. Jason Lewis, with the security firm Lookingglass, criticizes this offer, calls it knee-jerk.
JASON LEWIS: They offer that creditor monitoring like that is somehow going to protect people. There’s no protection from anything.
SHAHANI: He says in this new era where our digital lives are being stolen, credit monitoring doesn’t hurt, but it also doesn’t help. Aarti Shahani, NPR News.
If Mr. Lewis is implying that there is a way to prevent these attacks (other than encrypting data in motion which the FEHBlog understands is not yet feasible), the FEHBlog asks how? The FEHBlog does consider these credit monitoring services to be helpful.
Sitting between the drug manufacturers and the pharmacies, including the PBMs’ mail order pharmacies are the drug wholesalers. Drug Channels reports on recent consolidation in that important sector.
The FEHBlog expects a lot out of personalized medicine. Therefore he was happy to see the Wall Street Journal’s report that a major personalized medicine study was announced at last week’s convention of the American Society of Clinical Oncologists.
The National Cancer Institute is launching a major trial in which it will play matchmaker between 1,000 advanced cancer patients and the growing cadre of drugs that can target tumors by their genetic mutations, not just where they occur in the body.
The study, called NCI-Match, seeks to advance the emerging field of precision medicine by helping to spur development of drugs that precisely target mutations linked to tumor growth. At least 10 pharmaceutical companies will provide a total of more than 20 treatments to be tested—all under the structure of a single study.
A key driver of the strategy is the fact that the same cancer-causing molecular traits are often found in a variety of tumor types, raising hope that a drug effective against the target in, say breast cancer, would be effective in a tumor originating in another organ. Indeed, Roche Holding AG’s breast-cancer drug Herceptin, which targets a receptor called Her2, turned out to be effective—and was eventually approved—for gastric tumors that have high levels of Her2.
But the drug Zelboraf, which is especially effective against the skin cancer melanoma with a certain mutation in a gene called BRAF, turns out to have essentially no effect against colon cancer harboring the same mutation.
“It’s a much more complicated issue than most people would like to hear,” said Richard Pazdur, chief of oncology at the U.S. Food and Drug Administration and a supporter of the studies. “I would have some element of caution” toward assuming broad success in the approach.
Of course, Rome was not built in a day.
Finally the U.S. Supreme Court has four more decision days calendared for this term. The FEHBlog will be watching the old Scotusblog on Mondays this month. But it’s possible that the Court could add a decision day particularly to the last week. The 2012 decision on the constitutionality of the ACA was handed down on Wednesday as the FEHBlog recalls.