Medical device cybersecurity: It ’s time to get real

Medical device makers, regulators and healthcare delivery organizations are increasingly working together to strengthen cybersecurity. But are they doing enough? [Original image courtesy of istockphoto.com]Almost no one in the medtech industry disputes the vulnerability posed by cyberattacks. How to go about boosting security is another matter – one on which those stakeholders have recently stepped up their collaboration. One group, the Healthcare & Public Sector Coordinating Council, thinks it has a solution: Health providers and other customers buying a connected medical device should be able to remotely access a cybersecurity bill of materials (CBOM) that would list all commercial, open-source and custom-code software. Available via remote access for customers, the CBOM would also include commercial hardware such as processers, network cards, sound cards, graphic cards and memory. The council’s recently issued joint security plan calls for more vulnerability disclosures, notices of breaches, software and hardware upgrades and security patch availability. Companies would also need to notify customers before they end technical support for older devices. “It’s this voluntary framework that establishes best practice for cybersecurity at a medical technology company,” council member Rob Suarez, director of product security at Becton Dickinson, told Medical Design & Outsourcing. “This joint security plan establishes the common ground which many medical devi...
Source: Mass Device - Category: Medical Devices Authors: Tags: Business/Financial News Featured Health Information Technology Software / IT Abbott bectondickinson Cybersecurity Green Hills Software Mayo Clinic Source Type: news