Friday, November 16, 2018
  • CylancePROTECT – Product Overview
  • The Cloud Browser
  • XKCD, Evaluating Tech Things
  • PMP®️ Domain #5: Closing (7%)
  • Is Encryption an NTA / NIDS / NFT Apocalypse?

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Data Security Identity & Access Security Bloggers Network 

Home » Cybersecurity » Data Security » Medical Device Security Standards

Medical Device Security Standards

by Tripwire Guest Authors on April 25, 2018

Medical devices can be vulnerable to security breaches in the same way as any other networked computing device. This may potentially affect its safety and effectiveness. The FDA (Food and Drug Administration) has issued final guidelines for manufacturers to consider cybersecurity risks as part of their medical device design and development. Its guidance contains voluntary recommendations and does not establish any legally enforceable responsibilities.

These security guidelines are significant in conveying to device manufacturers and stakeholders the current state of evolving key best practices in the medical device security. They are similar to the guidance issued by FDA in June 2013 and is part of the FDA’s efforts to improve the cybersecurity of medical devices.

FDA recommendations to mitigate and manage cybersecurity threats

The vulnerability of medical devices to threats has grown, as these products are increasingly connected to hospital networks, the internet, and other medical devices. There is therefore a need for effective cybersecurity to assure the functionality and safety of the medical device.

In response, the FDA has developed the guidance document to assist manufacturers in identifying issues related to cybersecurity which should be considered when designing and developing medical devices and preparing for their pre-market submissions.

FDA recommends that manufacturers consider cybersecurity risk as a part of the medical device design and development and that they submit documentation to FDA about the identified risks. These manufacturers also should consider putting controls in place that will help mitigate those risks. The documents provides recommendations to the manufacturers on plans to provide updates as well as patches for the operating systems and the medical software.

Security measures to be considered by device manufactures

The Food and Drug Administration suggests following security measures which should be considered by medical device manufacturers to protect them from instances of unauthorized access:

  1. Authentications (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/medical-device-security-standards/

April 25, 2018April 26, 2018 Tripwire Guest Authors Cybersecurity, IT Security and Data Protection, medical, Password
  • ← Stateless and Ephemeral?
  • Women in Information Security: Evie Andrew →
Featured Blog

Secure Code Warrior

Why financial institutions are leading the charge to upskill their developers in secure coding

Secure Code Warrior

Why SQL Injections Are The Cockroaches of the AppSec World (and how CISOs can eradicate them once and for all)

Secure Code Warrior

A Brighter Future For DevSecOps? It’s Closer Than You Think

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Hackers Exploit Recently Patched ColdFusion Vulnerability
The Changing Face of Web Application Security
Microsoft and Adobe Patch Zero-Day Vulnerabilities
Convergence of Security, Networking Services Accelerates
The Top 5 Industries Grappling with Bad Bots
Your Definitive Guide to Information Security Conferences in 2019
Top Cybersecurity Threats & How the WAF Must Evolve to Address Them
Security Vulnerabilities identified in Washington, Georgia, and North Carolina’s voting systems
SAP Security Notes November ‘18: The Mobile Client Side Menace
Dharma Ransomware: What It’s Teaching Us

Upcoming Webinars

Tue 27

2018 Black Hat Hacker Survey Report: What Hackers Really Think About Your Cyber Defenses

November 27 @ 11:00 am - 12:00 pm
Thu 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Automating Open Source Security: A SANS Product Review of WhiteSource

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

6 Best Practices to Make the Most of Your Sandbox Proof of Concept
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

6 Best Practices to Make the Most of Your Sandbox Proof of Concept

November 16, 2018 Ralf Hund | Yesterday 0
Move Over, Ransomware: Cryptojacking is the New Kid in Town
Cybersecurity Endpoint Industry Spotlight Security Boulevard (Original) 

Move Over, Ransomware: Cryptojacking is the New Kid in Town

November 15, 2018 Nick Bilogorskiy | 1 day ago 0
The Top 5 Industries Grappling with Bad Bots
Cybersecurity Industry Spotlight Malware Security Boulevard (Original) 

The Top 5 Industries Grappling with Bad Bots

November 13, 2018 Reid Tatoris | 3 days ago 0

Top Stories

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity
Analytics & Intelligence Cybersecurity Featured IoT & ICS Security News Security Boulevard (Original) Spotlight 

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity

November 16, 2018 Michael Vizard | Yesterday 0
Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest
DevOps Featured Mobile Security News Security Boulevard (Original) Spotlight Vulnerabilities 

Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest

November 16, 2018 Lucian Constantin | Yesterday 0
Alert Logic Adds Managed Threat Intelligence Service
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

Alert Logic Adds Managed Threat Intelligence Service

November 16, 2018 Michael Vizard | Yesterday 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.