As medical devices and systems became more sophisticated over the past two decades, they began incorporating microprocessors, software, sensitive data, and connections to networks (including some to the Internet). These changes provided more features and greater versatility, collectively improving patient care, but they also resulted in a growing number of devices and systems with security vulnerabilities. Cyber adversaries simultaneously have become more sophisticated and more effective at taking advantage of these vulnerabilities with their attacks.

Regulators, standards organizations, and industry expert groups all have been focused on developing the regulations, standards, guidelines, and tools necessary to identify and manage these new security risks. Examples of the aforementioned organizations and groups include the Food and Drug Administration (FDA), National Institute of Standards and Technology (NIST), MITRE, Healthcare Sector Coordinating Council (HSCC), Center for Internet Security (CIS), Health Information Sharing and Analysis...

You do not currently have access to this content.