What's the outlook for moving from awareness to action when it comes to medical device cybersecurity? Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, offers an assessment.
Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights.
The FDA's recently issued draft document updating its premarket medical device cybersecurity guidance originally issued in 2014 contains several important provisions, says regulatory attorney Yarmela Pavlovic, who explains the details.
Manufacturers need to change their approach to securing internet of things devices, says Aloysius Cheang, executive vice president for Asia Pacific at the Center for Strategic Cyberspace + Security Science, a U.K.-based think tank, who describes what needs to be done.
As the pace of technology innovation continues to quicken - including the ability to make payments via everything from Alexa to Facebook Messenger - risk-based security is imperative to maintain a frictionless customer experience, says Tim Ayling of Kaspersky Lab.
The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report. But since that audit was conducted, the FDA has been aggressively ramping up its activities around device cybersecurity.
Many of the devices that go into so-called smart cities and buildings are not built to be secure, making it difficult for security operations centers to manage risk, warns Sarb Sembhi, CTO and CISO of Virtually Informed, who describes what needs to change.
The latest edition of the ISMG Security Report features Kevin McDonald of the Mayo Clinic discussing how to secure connected medical devices. Plus, updates on the indictments of Chinese agents for hacking and the unveiling of the Financial Services Sector Cybersecurity Profile.
An advisory council is again urging the Department of Health and Human Services to allow certain donations of cybersecurity technology and services to smaller healthcare providers. Greg Garcia of the council, who will keynote ISMG's upcoming Healthcare Security Summit in New York, explains why.
Kevin McDonald, director of clinical information security at Mayo Clinic, spells out several steps for helping to ensure the security of medical devices, stressing there's no "silver bullet" that can do the job. He'll be a speaker at ISMG's Healthcare Security Summit, to be held Nov. 13-14 in New York.
A new "playbook" co-developed by the Food and Drug Administration and Mitre Corp. aims to assist healthcare delivery organizations in responding to cybersecurity incidents involving medical devices. Julie Connolly, who helped develop the guide, explains how to use it.
Two years after Mirai botnets first appeared, security researchers say telnet-targeting botnets are attempting to compromise internet of things devices by pummeling them with 1,065 different username/password combinations. Some of these attacks are designed to install Linux DDoS malware.
Before marketing their medical devices, manufacturers should prepare a "cybersecurity bill of materials" that lists components that could be susceptible to vulnerabilities, according to a draft of updated FDA premarket guidance.