Thursday, May 24, 2018
  • Want better apps? You need a (agile security) hero!
  • Happy anniversary to Dreamcast…and its scams
  • Expand Your Awareness Program With SecurityIQ — 1700+ Library Resources Now Available!
  • Are your SMB clients GDPR-ready? | Avast Business
  • 6 Things You’re Probably Doing Wrong Securing Serverless Apps

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Latest News
    • Features
    • Industry Spotlight
  • Community
    • Security Bloggers Network
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Chats
  • Webinars
    • Upcoming
    • On-Demand
  • Events
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Data Security Identity & Access Security Bloggers Network 

Home » Cybersecurity » Data Security » Medical Device Security Standards

Medical Device Security Standards

by Tripwire Guest Authors on April 25, 2018

Medical devices can be vulnerable to security breaches in the same way as any other networked computing device. This may potentially affect its safety and effectiveness. The FDA (Food and Drug Administration) has issued final guidelines for manufacturers to consider cybersecurity risks as part of their medical device design and development. Its guidance contains voluntary recommendations and does not establish any legally enforceable responsibilities.

These security guidelines are significant in conveying to device manufacturers and stakeholders the current state of evolving key best practices in the medical device security. They are similar to the guidance issued by FDA in June 2013 and is part of the FDA’s efforts to improve the cybersecurity of medical devices.

FDA recommendations to mitigate and manage cybersecurity threats

The vulnerability of medical devices to threats has grown, as these products are increasingly connected to hospital networks, the internet, and other medical devices. There is therefore a need for effective cybersecurity to assure the functionality and safety of the medical device.

In response, the FDA has developed the guidance document to assist manufacturers in identifying issues related to cybersecurity which should be considered when designing and developing medical devices and preparing for their pre-market submissions.

FDA recommends that manufacturers consider cybersecurity risk as a part of the medical device design and development and that they submit documentation to FDA about the identified risks. These manufacturers also should consider putting controls in place that will help mitigate those risks. The documents provides recommendations to the manufacturers on plans to provide updates as well as patches for the operating systems and the medical software.

Security measures to be considered by device manufactures

The Food and Drug Administration suggests following security measures which should be considered by medical device manufacturers to protect them from instances of unauthorized access:

  1. Authentications (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/medical-device-security-standards/

April 25, 2018April 26, 2018 Tripwire Guest Authors 0 Comments Cybersecurity, IT Security and Data Protection, medical, Password
  • ← Stateless and Ephemeral?
  • Women in Information Security: Evie Andrew →

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

What Do Self-Driving Cars Have to Do with Machine Learning for Cybersecurity?
Agro-Espionage: How China Tried to Steal U.S. Rice Research
Surveillance Sans Frontiers, Thanks to the Internet
6 Practical Steps to Implement DevSecOps in the Cloud
Allegory of the ‘Synthetic Data Cave’
CyberArk shows how ‘shadow admins’ can be created in cloud environments
CVE-2018-3639: Spectre Variant 4 Vulnerability Affects the Linux Kernel
Loopholes in Cloud Security Exposed Online 50% of Corporate Databases
GUEST ESSAY: How data science and cybersecurity will secure ‘digital transformation’
The Modern Day Hacker – A Cautionary Tale

Upcoming Events

DevSecOps Days, London

DevSecOps Days, London

June 28, 2018
DevSecOps Days, Singapore

DevSecOps Days, Singapore

July 24, 2018

Upcoming Webinars

Tue 29

Not All Flaws Are Created Equal: The Difference Between a Flaw, a Vulnerability and an Exploit

May 29 @ 11:00 am - 12:00 pm
Jun 11

The 4 Current Threats Enterprises Can’t Ignore

June 11 @ 1:00 pm - 2:00 pm
Jun 21

Improving Software Security in an Agile Environment: A Case Study

June 21 @ 11:00 am

More Webinars

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

How Threat Actors Try to Overwhelm the Defenses of Ad Networks
Cybersecurity Industry Spotlight Network Security Security Boulevard (Original) Social Engineering 

How Threat Actors Try to Overwhelm the Defenses of Ad Networks

May 24, 2018 Forrest Gueterman | 9 hours ago 0
6 Practical Steps to Implement DevSecOps in the Cloud
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

6 Practical Steps to Implement DevSecOps in the Cloud

May 22, 2018 George Gerchow | 2 days ago 0
What Do Self-Driving Cars Have to Do with Machine Learning for Cybersecurity?
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) 

What Do Self-Driving Cars Have to Do with Machine Learning for Cybersecurity?

May 21, 2018 Raja Patel | 3 days ago 0

Top Stories

VMware Partners with Okta on Identity Management
Cybersecurity Endpoint Featured Network Security News Security Boulevard (Original) Spotlight 

VMware Partners with Okta on Identity Management

May 24, 2018 Michael Vizard | 8 hours ago 0
Nation State Actor Builds Massive Army of Compromised Routers
Featured Malware Network Security News Security Boulevard (Original) Spotlight 

Nation State Actor Builds Massive Army of Compromised Routers

May 23, 2018 Lucian Constantin | Yesterday 0
CPU, OS Makers Coordinate to Fix New Spectre Vulnerability
Endpoint Featured News Security Boulevard (Original) Spotlight Vulnerabilities 

CPU, OS Makers Coordinate to Fix New Spectre Vulnerability

May 22, 2018 Lucian Constantin | 1 day ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.