FDA Cybersecurity Forum: Manufacturers Explain Coordinated Vulnerability Disclosures
Executive Summary
At a recent FDA cybersecurity meeting, device firms well-versed in carrying out coordinated vulnerability disclosures said it is important to secure company executive buy-in and to draw on the principles laid out in an evolving US FDA guidance on cybersecurity.