1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

Cyber Security in Medical Device Design

Published by Mike Solinap
on June 2, 2014

With the push by big technology players (Cisco, Google, Intel, etc.) towards connectivity in everyday devices, cyber security is becoming more and more crucial. This push is even seen in medical device design as the industry begins to move toward cloud-integrated and network-connected devices so that they may be monitored or customized to surgeons needs on the fly.

The issue is that medical devices that used to be standalone machines are now being connected to wider networks. While this is useful, most manufacturers are not adding any increased security to their systems where a single machine attack used to be isolated and required physical access.

An infection and attack on an entire network of devices around the world can now occur completely remotely. A single change to an insecure cloud database or device that sets and gets settings from the cloud could lead to an entire device line being compromised. A few years ago, security expert Barnaby Jack showed that it is possible to compromise devices such as pacemakers and insulin pumps to attack patients as well. Any device with network connectivity will be insecure — and with strict FDA regulations on system updates, many manufacturers will not be patching issues as quickly as may be needed.

Thankfully, the FDA has been working on a draft guidance to try to set guidelines medical device engineers should use while designing their systems. The guidance also mentions possibly allowing validated operating system updates to be patched into systems in-between fully validated releases. Hopefully, the new guidance will help keep systems and patient data safe.

Next Steps:

Latest White Papers

Atlassian Cloud: Understanding Zero Trust Security

Atlassian Cloud: Understanding Zero Trust Security

Where To Start & Why It Matters What is the Atlassian Cloud Zero Trust Security model? Well, for decades, enterprise security controls were built to protect a large, single perimeter around a corporation. Often described as castle-and-moat security, This approach...

Related Resources

Use Nessus To Harden Your Cybersecurity

Use Nessus To Harden Your Cybersecurity

Cybersecurity should be baked into the onset of IT and product development processes. Additionally, treating cybersecurity as an afterthought opens your organization up to vulnerabilities and risk. Therefore hardening your IT product cybersecurity with a tool like...

2022: The Year So Far Tech Review

2022: The Year So Far Tech Review

There’s been a lot of innovation, software and product releases in the past six months alone. So, we are rounding up the best tech review and engineering releases for the first half of 2022. The tech forecast for 2022 was heavily influenced by how the world adjusted...

How To Complete Computer Systems Validation (FDA)

How To Complete Computer Systems Validation (FDA)

What is Computer Systems Validation (CSV)? Additionally, why does the Food & Drug Administration (FDA) require them for the Medical Device industry? More importantly, how can CSVs be efficiently completed and managed? Let’s explore why you can’t skip that...