Cybersecurity and Medical Devices

Over the years there have been differing targets, moving from the enterprise side, to vehicles, satellites, shipping, aeronautics, and others. A significant new industry focus are medical devices. What brings this to the forefront of our attention is the criticality of the devices.

These assist with our lives and living. The insulin pump helps patients with their blood sugar and notifies the patient when this is too high or low and provides insulin through the day. Neurotransmitters help patients deal with their pain. Defibrillators help with regulating heartbeats.

While these clearly are a benefit for the patients, these require cybersecurity to be applied. Without a thorough architecture and pentest to ensure the vulnerabilities have been mitigated, there are substantial liabilities. To validate this, you simply need to read through the FDA notices. Without fully addressing the product’s cybersecurity, the manufacturer is missing vital points which are required.

Thank you

About the Author

Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.