The current pandemic and consequent emphasis on social distancing has led to an increased reliance on technology solutions deployed on devices for remote management and telemedicine. However, the convergence of technology, hyper-connectivity, and regulatory changes has raised challenges in the secure management of devices at scale. While medical device engineering has rightly focused on medical safety to protect patients, cybersecurity gaps remain. New attack pathways and cybersecurity risks have come to the fore especially with older medical devices.
- With discrete, unconnected devices, software code is embedded and contained within the device and controlling risk is possible by owning end-to-end code development and controlling risk.
- Increased connectivity provides new opportunities for service delivery, remote monitoring, and diagnostics, but also increases cybersecurity risk.
- Moreover, the FDA’s Emergency Use Authorization (EUA) process has led to a rise in the number of new devices in the field and may potentially introduce new threat vectors and risk patient safety.
Medical device safety and security has clearly come front and center.