Strategic partnership between FDA and MedISAO emphasizes the
importance of strengthening medical device security
SAN
DIEGO, May 20, 2024 /PRNewswire/ -- MedISAO, an
organization composed of members of the medical device manufacturer
community dedicated to improving medical device security through
education, awareness, and advocacy, announced today its endorsement
by the Food and Drug Administration (FDA) through a renewed
Memorandum of Understanding (MOU) signed on April 18, 2024, marking a continued collaboration
and highlighting the importance of improving the security posture
of the medical device ecosystem.
In an era where medical devices are increasingly exposed to
cyber risks, a 2023 study found nearly 1,000 vulnerabilities
spanning 966 medical products, highlighting the pressing need for
proactive cybersecurity measures. By endorsing the partnership, the
FDA underscores the imperative continued efforts to enhance
cybersecurity, uphold patient safety, and maintain care integrity
over the lifetime of a device.
Medcrypt's acquisition of MedISAO in the fall of 2020 paved
the way for offering the benefits of an Information Sharing and
Analysis Organization (ISAO) to small and medium-sized businesses
(SMBs), alongside Medcrypt's medical device security solutions,
setting a precedent for pre- and post-market security measures to
enhance stakeholder cooperation and safeguard patient health.
"This endorsement showcases a continued commitment by the
parties as well as their joint support and shared mission to
strengthen the security of medical devices," stated Axel Wirth, chief security strategist at
Medcrypt. "Transparency, information sharing, and swift resolution
of cybersecurity issues within medical devices are paramount.
MedISAO established a robust platform for collaborative information
exchange, ultimately enhancing the security and safety of medical
devices."
The FDA is making strides in enhancing its operations, with
priorities for the next two years focusing on building internal
cybersecurity resources and expertise. It can be assumed that an
updated post-market guidance will be part of these initiatives.
Through this, the FDA encourages responsible sharing of
vulnerability and threat information among medical device
stakeholders, aligning with the 2016 Cybersecurity Post Market
Guidance. Manufacturers actively participating in an ISAO
will not face enforcement of certain reporting requirements for
high-risk vulnerabilities.
As part of the MOU with the FDA, the partnership aims to raise
awareness of cyber risk management resources produced by
the Health Sector Coordinating Council (HSCC) and foster
trust within the healthcare community.
Daniel Beard, founder of MedISAO,
highlighted the partnership's significance in addressing
cybersecurity challenges faced by medical device manufacturers.
"Since our inception in 2016, MedISAO has remained committed to
enhancing medical device security through collaboration," said
Dan Beard. "Our partnership with the
FDA reinforces our mission, empowering manufacturers to enhance
their security posture through shared information and
resources."
About MedISAO/Medcrypt
MedISAO, a part of Medcrypt Inc., is an organization composed of
members of the medical device manufacturer community dedicated to
improving medical device security through education, awareness, and
advocacy. MedISAO provides cybersecurity information sharing,
education, and tools tailor-made for the medical device industry.
MedISAO is a registered ISAO with an FDA MOU providing compliance
with the FDA's recommendation in the Postmarket Management of
Cybersecurity in Medical Devices. For more information, visit
www.medisao.com and www.medcrypt.com
Medcrypt is helping healthcare technology companies ensure
medical devices are secure by design. We provide cybersecurity
products and strategic management consulting to expedite the
go-to-market process of medical device manufacturers' new
life-saving connected technologies. Founded in 2016 by a team of
healthcare cybersecurity experts, Medcrypt is uniquely positioned
to be the security catalyst for medical device manufacturers to
design secure, FDA-approved technologies. We continue to work with
those paving the way toward safe and reliable medtech.
To date, Medcrypt has raised more than $36 million in funding with participation from
Johnson & Johnson Innovations, Intuitive Ventures, and Dexcom
Ventures. For more information, please visit www.Medcrypt.com.
Press Contact:
Jenny Bourne
2087618447
https://www.medcrypt.co/
View original
content:https://www.prnewswire.com/news-releases/us-food-and-drug-administration-fda-extends-its-memorandum-of-understanding-mou-with-medisao-302149993.html
SOURCE MedCrypt