A number of regulations have been put in place to help fortify medical devices and their manufacturing lines against potential attack patterns, including the revised Directive on the Security of Network and Information Systems (NIS2 Directive). The introduction of NIS2 will help form a better coordinated basis for cybersecurity action. Here’s what you need to know about it.
Read More
Moving away from static offline devices and paper notetaking, to having the full system and communication done online was a breakthrough for the healthcare industry. This however introduced new challenges for medical device cybersecurity. This article explores some of the most alarming statistics on how the industry has been affected by cybersecurity threats over the past few years.
Read More
The landscape of cybersecurity is crowded with buzzwords – sometimes to the point of confusion. While simply avoiding them is one way to go about it, understanding them will go a long way if you want to protect your healthcare organization and medical devices from potential cyberattacks. In this article, the most used terms have been broken down, so the next time you encounter them, you can avoid confusion!
Read More
A Coordinated Vulnerability Disclosure (CVD) refers to a specific structured process where vulnerabilities are reported to organizations in a manner that allows for diagnosis and remediation before released to third parties or the public. CVD comprises of the coordination between the reporting entities and organizations with particular regard to the timing for both the remediation and publication of vulnerabilities. This blog post will explore the basics of CVD and what you need to be aware of.
Read More
Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) are becoming essential components of medical device cybersecurity. The effectiveness of medical device security practice, however, can be challenging to accomplish without first understanding how VEX complements an SBOM throughout the product lifecycle. Let’s explore how to make the best use of these two concepts in this article.
Read More
The ongoing digitization in healthcare has brought not only new opportunities to improve patient care, but also challenges in cybersecurity. To address the issue and ensure the security of new medical devices, state-of-the-art regulatory frameworks are mandatory. Let’s discover some of the new industry developments, discuss the best practice documents and the implementation of the guidance.
Read More
There is little doubt that the future of healthcare will rely more on always-connected devices, Software as a Medical Device (SaMD), cloud computing and vast amounts of data processing. However, moving medical devices outside of the security provided within a managed hospital network and placing them at our homes increases the risk of cyberattacks. So, how manufacturers can face the ongoing challenge of ensuring security of their devices and the ever-increasing pressure by the regulatory bodies?
Read More
With the rise of the Internet of Medical Things (IoMT), medical devices are becoming increasingly more prominent in the healthcare industry. This, however, does not come without its risks. Hackers are using medical devices to springboard deeper into medical system networks. This article explores the motives as well as the methods used to access medical devices.
Read More
Threat modeling, in recent years has come to take center stage in the world of healthcare cybersecurity. The FDA has been helping medical device manufacturers ramp-up their skills in this field, however it still remains a complex task to perform for newer manufacturers. Let’s explore the challenges, current state of practice and the right approach.
Read More
To secure against potential cybersecurity vulnerabilities, Medical Device Manufacturers (MDMs) should enroll their medical devices into a Public Key Infrastructure (PKI), a trusted and widely used cryptographic practice that ensures operational safety. Learn more about securing your medical device with a PKI from our free e-book: “Why should Medical Device Manufacturers (MDMs) secure their devices with a Public Key Infrastructure (PKI)?”
Read More