FDA Wants Industry to Guard Against Cybersecurity Risks of Medical Devices

As medical device makers are building network connectivity and intelligence into their products, they are adding new vulnerabilities and risks as well. The U.S. Food and Drug Administration has just issued draft guidance for postmarket management of cybersecurity of medical devices. It follows previous guidance on premarket submissions for management of cybersecurity in medical devices. We spoke to Russell Jones, partner with Deloitte & Touche, cyber risk leader for the firm’s State of California Practice and co-leader of the firm’s medical device safety and security practice, about the FDA actions, how these connected devices can be exploited by hackers, and what medical device makers can learn from industries that have already faced these issues.