Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-plugin-hostgator domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ol-scrapes domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":3295,"date":"2022-04-09T10:56:12","date_gmt":"2022-04-09T10:56:12","guid":{"rendered":"https:\/\/scienceandnerds.com\/2022\/04\/09\/the-us-is-trying-to-fix-medical-devices-big-cybersecurity-problem\/"},"modified":"2022-04-09T10:56:13","modified_gmt":"2022-04-09T10:56:13","slug":"the-us-is-trying-to-fix-medical-devices-big-cybersecurity-problem","status":"publish","type":"post","link":"https:\/\/scienceandnerds.com\/2022\/04\/09\/the-us-is-trying-to-fix-medical-devices-big-cybersecurity-problem\/","title":{"rendered":"The US is trying to fix medical devices\u2019 big cybersecurity problem"},"content":{"rendered":"

Source: https:\/\/www.theverge.com\/2022\/4\/8\/23016588\/medical-device-cybersecurity-fda-congress-hacking<\/a>
\n
<\/br><\/code><\/p>\n

\n

Medical devices are one major weak point in health care cybersecurity, and both Congress and the Food and Drug Administration took steps towards closing that gap this week \u2014Congress with a proposed bill and the FDA with new draft guidelines for device makers on how they should build devices that are less likely to be hacked.<\/p>\n

Devices like infusion pumps or imaging machines that are connected to the internet can be targets for hacks. Those attacks can siphon off patient data or put their safety directly at risk. Experts consistently find<\/a> that devices in use today have vulnerabilities that could be exploited by hackers. <\/p>\n

The FDA, which regulates medical devices, has been trying to get a handle on this problem for a while. Back in 2014, it put out guidance for medical device makers that outlined how they should incorporate cybersecurity before they asked the agency to clear their products. The agency <\/strong>then put out a draft guideline in 2018. This new draft replaces the 2018 version and is based on feedback from manufacturers and other experts and changes in the medical device environment over the past few years, Suzanne Schwartz, director of the Office of Strategic Partnerships and Technology Innovation at the FDA, told The Verge<\/em>. <\/p>\n

The new document is still just a draft, and device makers won\u2019t start using it until it\u2019s finalized after another round of feedback. But it includes a few significant changes from the last go-around \u2014 including an emphasis on the whole lifecycle of a device and a recommendation that manufacturers include a Software Bill of Materials (SBOM) with all new products that gives users information on the various elements that make up a device. An SBOM makes it easier for users to keep tabs on their devices. If there\u2019s a bug or vulnerability found in a bit of software, for example, a hospital could easily check if their infusion pumps use that specific software.<\/p>\n

The FDA also put out legislative proposals<\/a> around medical device cybersecurity, asking asking Congress for more explicit power to make requirements. \u201cThe intent is to enable devices to be that much more resilient to withstand the potential for cyber exploits or intrusion,\u201d Schwartz says. Manufacturers should be able to update or patch software problems without hurting the devices\u2019 function, she says. <\/p>\n

The FDA\u2019s efforts dovetail with a proposed bill introduced in Congress this week<\/a>, the Protecting and Transforming Cyber Health Care (PATCH) Act, which would codify some of the FDA\u2019s proposals. The bill would require device manufacturers to have a plan to address any cybersecurity issues with their devices, and require an SBOM for new devices. If the bill passes, then those elements become requirements rather than just recommended guidelines from the FDA.<\/p>\n

\n