Category: Healthcare

The implication of NIS2 on medical device cybersecurity

The healthcare industry has made great efforts over the past few years to prevent and mitigate the risks of cyberattacks targeting connected medical devices and healthcare systems. The alarming numbers indicating an increase in cyberattacks against healthcare institutions sadly show that there are still problems to tackle, particularly on the part of Medical Device Manufacturers (MDMs).
The introduction of the NIS2 Directive marks one of the latest and most important attempts to address these challenges. What does NIS2 mean for the healthcare sector, and how do MDMs get started?

The Critical Entities Resilience Directive (CER) 101 

In parallel with the introduction of the NIS2 Directive, the European Commission has also adopted the Critical Entities Resilience (CER) Directive, focusing on the protection of public and private organizations against physical threats. Both of these Directives aim to increase resilience and counter threats that could disrupt society. It’s time to go deeper into the CER Directive and how it affects the healthcare sector and Medical Device Manufacturers (MDMs).

The complexity of medical device cybersecurity requirements: How to cope 

Mitigating cybersecurity risks for medical devices is increasingly a core focus area for regulators, who are driving the establishment of a consistent cybersecurity framework to better facilitate coordination among all parties involved. This emphasizes the importance of Medical Device Manufacturers (MDMs) being aware of and familiar with the latest requirements. The intertwining of requirements, however, creates significant complexity in the medical device cybersecurity ecosystem. How can you cope with this?

Network Information Systems Security (NIS2) 101 

A number of regulations have been put in place to help fortify medical devices and their manufacturing lines against potential attack patterns, including the revised Directive on the Security of Network and Information Systems (NIS2 Directive). The introduction of NIS2 will help form a better coordinated basis for cybersecurity action. Here’s what you need to know about it.

Exposing medical devices: Alarming statistics in the last 3 years

Moving away from static offline devices and paper notetaking to having the full system and its communication online was a breakthrough for the healthcare industry. This, however, introduced new challenges for medical device cybersecurity. This article explores some of the most alarming statistics on how the industry has been affected by cybersecurity threats over the past few years.

MedTech Cybersecurity: Top 10 most confusing buzzwords

The landscape of cybersecurity is crowded with buzzwords – sometimes to the point of confusion. While simply avoiding them is one way to go about it, understanding them will go a long way if you want to protect your healthcare organization and medical devices from potential cyberattacks. In this article, the most used terms have been broken down, so the next time you encounter them, you can avoid confusion!

Coordinated Vulnerability Disclosure (CVD) 101 

Coordinated Vulnerability Disclosure (CVD) refers to a structured process in which vulnerabilities are reported to organizations in a manner that allows for diagnosis and remediation before they are released to third parties or the public. CVD comprises the coordination between the reporting entities and organizations, with particular regard to the timing of both the remediation and the publication of vulnerabilities. This blog post will explore the basics of CVD and what you need to be aware of.

SBOM and VEX help you complete your medical device security risk assessment with ease 

Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) are becoming essential components of medical device cybersecurity. Effective medical device security practice, however, can be challenging to achieve without first understanding how VEX complements an SBOM throughout the product lifecycle. Let’s explore how to make the best use of these two concepts in this article.

Medical device cybersecurity: Conformity assessments 

The ongoing digitization in healthcare has brought not only new opportunities to improve patient care, but also challenges in cybersecurity. To address the issue and ensure the security of new medical devices, state-of-the-art regulatory frameworks are mandatory. Let’s discover some of the new industry developments, discuss the best practice documents and the implementation of the guidance.
