How has the medical device regulatory landscape evolved in recent years and how do MDMs cope with the changes? The insightful discussion between Irdeto’s and QBD Group’s experts will provide all you need to know.
The healthcare industry has made great efforts over the past few years to prevent and mitigate the risks of cyberattacks targeting connected medical devices and healthcare systems. The alarming numbers indicating an increase in cyberattacks against healthcare institutions sadly show that there are still problems to tackle, particularly on the part of MDMs.
The introduction of the NIS2 Directive marks one of the latest and most important attempts to address these challenges. What’s the meaning of NIS2 to the healthcare sector and how do MDMs get started?
In parallel with the introduction of the NIS2 Directive, the European Commission has also adopted the Critical Entities Resilience (CER) Directive, focusing on the protection of public and private organizations against physical threats. Both of these Directives aim to increase resilience and counter threats that could disrupt society. It’s time to go deeper into the CER Directive and how it affects the healthcare sector and Medical Device Manufacturers (MDMs).
Mitigating cybersecurity risks for medical devices is increasingly a core focus area for regulators, who are driving the establishment of a consistent cybersecurity framework to better facilitate coordination among all parties involved. This emphasizes the importance of Medical Device Manufacturers (MDMs) being aware of and familiar with the latest requirements. The intertwining of requirements, however, creates significant complexity in the medical device cybersecurity ecosystem. How can you cope with this?
A number of regulations have been put in place to help fortify medical devices and their manufacturing lines against potential attack patterns, including the revised Directive on the Security of Network and Information Systems (NIS2 Directive). The introduction of NIS2 will help form a better coordinated basis for cybersecurity action. Here’s what you need to know about it.
Moving away from static offline devices and paper notetaking, to having the full system and communication done online was a breakthrough for the healthcare industry. This however introduced new challenges for medical device cybersecurity. This article explores some of the most alarming statistics on how the industry has been affected by cybersecurity threats over the past few years.
The landscape of cybersecurity is crowded with buzzwords – sometimes to the point of confusion. While simply avoiding them is one way to go about it, understanding them will go a long way if you want to protect your healthcare organization and medical devices from potential cyberattacks. In this article, the most used terms have been broken down, so the next time you encounter them, you can avoid confusion!
A Coordinated Vulnerability Disclosure (CVD) refers to a specific structured process where vulnerabilities are reported to organizations in a manner that allows for diagnosis and remediation before released to third parties or the public. CVD comprises of the coordination between the reporting entities and organizations with particular regard to the timing for both the remediation and publication of vulnerabilities. This blog post will explore the basics of CVD and what you need to be aware of.
Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) are becoming essential components of medical device cybersecurity. The effectiveness of medical device security practice, however, can be challenging to accomplish without first understanding how VEX complements an SBOM throughout the product lifecycle. Let’s explore how to make the best use of these two concepts in this article.
The ongoing digitization in healthcare has brought not only new opportunities to improve patient care, but also challenges in cybersecurity. To address the issue and ensure the security of new medical devices, state-of-the-art regulatory frameworks are mandatory. Let’s discover some of the new industry developments, discuss the best practice documents and the implementation of the guidance.