"FDA Protects Medical Devices Against Cyber-Threats With New Measures"

The US Food and Drug Administration (FDA) staff has recently published new guidelines to strengthen the cybersecurity levels of internet-connected products used by hospitals and healthcare providers.  According to the FDA, applicants seeking approval for new medical devices must submit a plan designed to “monitor, identify and address” possible cybersecurity issues associated with them.  Further, applicants will also need to outline a process to provide “reasonable assurance” that the device in question is protected with regular security updates and patches, including for critical situations.  Finally, they will be expected to provide the FDA with “a software bill of materials,” which should include commercial, open-source, and off-the-shelf software components.

Infosecurity reports: "FDA Protects Medical Devices Against Cyber-Threats With New Measures"