Daily Newsletter

14 June 2023

Daily Newsletter

14 June 2023

MedCrypt partnership helps reduce cybersecurity risk for medical devices

A study by Ponemon Institute revealed that around 49% of device makers do not follow guidance from the FDA, to mitigate or reduce inherent security risks.

Kiays Khalil June 13 2023

After 1 Oct 2023, Following this date, the FDA will refuse to accept medical devices that fail to meet cybersecurity obligations. Credit: Ar_TH/Shutterstock.

US-based medical device cybersecurity company MedCrypt has partnered with Stratigos Security to provide security assessments and penetration testing offering a suite of third-party assessment and advisory services.

MedCrypt provides security products and services to some of the biggest medical device manufacturers.

Its latest partnership with Stratigos Security will deliver specialised penetration testing, which will simulate an attack allowing issues and weak points to be identified in a device. The results will allow manufacturers to amend their risk management, they can also be submitted for regulation streamlining the product's journey to market.

In March 2023, the US Food and Drug Administration (FDA) announced its plans for pre-market and post-market guidance, which will come into effect on 1 October 2023. Following this date, the FDA will refuse to accept medical devices that fail to meet cybersecurity obligations.

A study by Ponemon Institute revealed that around 49% of device makers do not follow guidance from the FDA, to mitigate or reduce inherent security risks. There currently has been a rise in product development to meet those requirements.

Stratigos Security CEO Beau Woods said: "Our team of experienced cybersecurity experts, combined with MedCrypt's deep understanding of medical device security, enables us to deliver comprehensive and effective penetration testing and security assessments that are tailored to the unique requirements of medical devices. We are committed to helping healthcare organisations mitigate cyber risks and safeguard patient safety."

Traditional testing is less effective for medical devices but with personalised penetration tests post-market issues and threats can be reduced. Well-established companies incorporate these tests into their products' development framework from the beginning and will continue through the device’s lifetime.

In April 2023, MedCrypt announced it will be financing the School of Engineering for the Tufts University fellowship programme, supporting research on the investigation of medical device security and threat modelling.

More than half (53%) of connected medical and other Internet of Things (IoT) devices in hospitals have a known critical vulnerability.

Uncover your next opportunity with expert reports

Steer your business strategy with key data and insights from our latest market research reports and company profiles. Not ready to buy? Start small by downloading a sample report first.

Browse reports

Newsletters by sectors

Pharmaceutical Technology open-new-tab

Hospital Management open-new-tab

Clinical Trials Arena open-new-tab

View more newsletters

Sign up to the newsletter

I consent to Verdict Media Limited collecting my details provided via this form in accordance with Privacy Policy

close

Sign up to the newsletter: In Brief

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

close