The FDA now recognizes UL 2900-2-1 and UL 2900-1, the first guidance that sets specific criteria for cyber security testing of connected medical devices.
Posted in Healthcare Security & Privacy, Medical Device Security
Posted in Healthcare Security & Privacy, Medical Device Security
FUD—fear, uncertainty, and doubt—is usually met with relentless mockery in the cyber security world, since it’s sometimes used to try to frighten people into buying a product.
Posted in Healthcare Security & Privacy, Medical Device Security
Wednesday, RSA 2018: On any given day, there are more than 150 sessions to choose from here. Good luck getting to even 5% of those. The good news is that attendees can get access to most of the sessions they missed after the fact, since the slide presentations are posted and videos are made of just about every one. So you can keep “attending” for months to come. But from a small slice of it in real time: It didn’t get nearly as much buzz as the keynote from Monica Lewinsky of Bill-Clinton-and-blue-dress fame, but the message was still powerful: Behavioral analytics is changing the world of security.
Posted in Automotive Cyber Security, Medical Device Security
Early last year, in response to the Cybersecurity Act of 2015, the US Department of Health and Human Services (HHS) established The Health Care Industry Cybersecurity Task Force. This month the task force published its recommendations to improve healthcare cybersecurity.
Posted in Healthcare Security & Privacy, Medical Device Security
I was recently confronted with a subject I’d considered professionally but never had to face personally: the security of connected medical devices.
Posted in Healthcare Security & Privacy, Medical Device Security
A new report investigates whether medical device makers and healthcare delivery organizations align on the need to address cyber security risks.
Posted in Healthcare Security & Privacy, Medical Device Security
On December 28, 2016, the US Food and Drug Administration (FDA) finalized its guidance on the “Postmarket Management of Cybersecurity in Medical Devices.” The release of the guidance was accompanied by an official blog post, which points out that as medical devices become increasingly sophisticated and connected, they become more prone to attack. Successful attacks can result in physical harm or even death to real people.
Posted in Medical Device Security, Open source and software supply chain risks, Open Source Security
Philips has named Mike Ahmadi, global director of critical systems security for Synopsys Software Integrity Group, to its Responsible Disclosure Hall of Honors.
Posted in Medical Device Security, Software Composition Analysis (SCA)
The FDA has formally recognized AAMI TIR57 “Principles for medical device security – Risk management” as a cybersecurity standard for medical devices.
Posted in Medical Device Security, Software Compliance, Quality & Standards
