October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. Cybersecurity threats and vulnerabilities in the Medical Device world can come from a broad range of attack surfaces. Vulnerabilities in the product software, third-party components, customer installations, user interactions, and the product supply chain are a few examples that come to mind. Securing our nations critical infrastructure including the medical products we rely-on a daily basis should be a top priority in today’s “Internet of Medical Things”.

Qualified Data Systems ask that you participate in National Cyber Security Awareness Month by reviewing your company’s preparedness. A few simple key questions to help you get started include:

  • Do we design our software-driven medical products with both security and safety in mind?
  • Do we incorporate product security requirements directly into our software development processes?
  • What training or education does my company provide in the area of Cybersecurity?
  • How can we develop secure code for our products?
  • Do we have procedures in place to handle any product security related incidents?
  • Have we accessed the risks to patient safety, product quality, or data integrity from potential cybersecurity threats or vulnerabilities?
  • How can we effectively monitor our products for cyber events?
  • How do we demonstrate compliance to FDA Cybersecurity guidance?

In October, as part of National Cybersecurity Month, QDS will publish a series of weekly themed articles to help Medical Devices manufacturers understand the scope of Cybersecurity and how to establish a program to ensure that all your software-driven medical products are both safe and secure.

Our 2016 Medical Device Cybersecurity Weekly Themes are:

Please visit us throughout the month of October as we share tips, resources, and our medical device experience in promoting safety and security for our nation’s critical infrastructure.