Tag: Connected health

The implication of NIS2 on medical device cybersecurity

The healthcare industry has made great efforts over the past few years to prevent and mitigate the risks of cyberattacks targeting connected medical devices and healthcare systems. The alarming numbers indicating an increase in cyberattacks against healthcare institutions sadly show that there are still problems to tackle, particularly on the part of MDMs.
The introduction of the NIS2 Directive marks one of the latest and most important attempts to address these challenges. What’s the meaning of NIS2 to the healthcare sector and how do MDMs get started?

Read More

The Critical Entities Resilience Directive (CER) 101 

In parallel with the introduction of the NIS2 Directive, the European Commission has also adopted the Critical Entities Resilience (CER) Directive, focusing on the protection of public and private organizations against physical threats. Both of these Directives aim to increase resilience and counter threats that could disrupt society. It’s time to go deeper into the CER Directive and how it affects the healthcare sector and Medical Device Manufacturers (MDMs).

Read More

The complexity of medical device cybersecurity requirements: How to cope 

Mitigating cybersecurity risks for medical devices is increasingly a core focus area for regulators, who are driving the establishment of a consistent cybersecurity framework to better facilitate coordination among all parties involved. This emphasizes the importance of Medical Device Manufacturers (MDMs) being aware of and familiar with the latest requirements. The intertwining of requirements, however, creates significant complexity in the medical device cybersecurity ecosystem. How can you cope with this?

Read More

Network Information Systems Security (NIS2) 101 

A number of regulations have been put in place to help fortify medical devices and their manufacturing lines against potential attack patterns, including the revised Directive on the Security of Network and Information Systems (NIS2 Directive). The introduction of NIS2 will help form a better coordinated basis for cybersecurity action. Here’s what you need to know about it.

Read More

MedTech Cybersecurity: Top 10 most confusing buzzwords

The landscape of cybersecurity is crowded with buzzwords – sometimes to the point of confusion. While simply avoiding them is one way to go about it, understanding them will go a long way if you want to protect your healthcare organization and medical devices from potential cyberattacks. In this article, the most used terms have been broken down, so the next time you encounter them, you can avoid confusion!

Read More

Coordinated Vulnerability Disclosure (CVD) 101 

A Coordinated Vulnerability Disclosure (CVD) refers to a specific structured process where vulnerabilities are reported to organizations in a manner that allows for diagnosis and remediation before released to third parties or the public. CVD comprises of the coordination between the reporting entities and organizations with particular regard to the timing for both the remediation and publication of vulnerabilities. This blog post will explore the basics of CVD and what you need to be aware of.

Read More

SBOM and VEX help you complete your medical device security risk assessment with ease 

Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) are becoming essential components of medical device cybersecurity. The effectiveness of medical device security practice, however, can be challenging to accomplish without first understanding how VEX complements an SBOM throughout the product lifecycle. Let’s explore how to make the best use of these two concepts in this article.

Read More

Medical device cybersecurity: Conformity assessments 

The ongoing digitization in healthcare has brought not only new opportunities to improve patient care, but also challenges in cybersecurity. To address the issue and ensure the security of new medical devices, state-of-the-art regulatory frameworks are mandatory. Let’s discover some of the new industry developments, discuss the best practice documents and the implementation of the guidance.

Read More

Medical device cybersecurity management – what you need to know

There is little doubt that the future of healthcare will rely more on always-connected devices, Software as a Medical Device (SaMD), cloud computing and vast amounts of data processing. However, moving medical devices outside of the security provided within a managed hospital network and placing them at our homes increases the risk of cyberattacks. So, how manufacturers can face the ongoing challenge of ensuring security of their devices and the ever-increasing pressure by the regulatory bodies?  

Read More