The FDA said Monday it is teaming up with non-profit, federally funded R&D group Mitre to develop a “more collaborative approach” to cybersecurity vulnerabilities.
Mitre and the FDA director of emergency preparedness, operations and medical countermeasures Dr. Suzanne Schwartz are slated to present on “Systemic management of medical device cybersecurity” at the health IT conference HIMSS16 in Las Vegas on March 2.
Schwartz said that the FDA would be looking to both manufacturers and healthcare delivery groups to up their efforts in threat monitoring and preventative measures.
“It’s important for both manufacturers and healthcare delivery organizations to recognize the new reality today – hospitals and health care systems are under constant attempts at attack and intrusion of their networks. Protection of these systems, which contain highly sought after personal health information and personal identity information, means that medical devices need to be better secured as well,” Schwartz said, according to Healthcare IT News.
Malware and “unintentional infections,” such as employee downloads, were the biggest threats identified by Schwartz. Also mentioned were vulnerable medical devices that lay vulnerable to such intrusions, especially if they lack the appropriate management policies for cyberattacks.
Mitre 1st partnered with the FDA in late 2014, according to Healthcare IT News, aiming to create a medical device ecosystem that shares relevant cybersecurity information amongst both gov’t and private companies.
The company will aid the FDA in adapting its Common Vulnerability Scoring System into a vulnerability assessment tool for use in the clinical environment, specifically with medical devices.
“We believe that having a common taxonomy that fits the needs of the healthcare setting where medical devices reside, and that takes into account specific considerations that are unique to use of these products will be of great benefit to stakeholders in advancing the state of medical device security,” Schwartz said, according to Healthcare IT News.
