FDA’s medical device cybersecurity deal deemed outdated, watchdog discloses

December 27, 2023
1 min read

The Government Accountability Office (GAO) has found that the cybersecurity agreement between the Food and Drug Administration (FDA) and the Cybersecurity and Infrastructure Security Agency (CISA) needs to be updated. The agreement, which focuses on cybersecurity protocols for medical devices, is five years old and does not reflect recent organizational and procedural changes. While medical device vulnerabilities have not been frequent sources of cyber exploits, the FDA still considers them a significant concern for hospital cybersecurity. The GAO report also highlighted that the FDA’s authority over medical device cybersecurity has increased, due to legislation mandating that manufacturers submit plans to identify and address vulnerabilities. The report recommends that the FDA and CISA update their agreement to reflect these changes, a recommendation that both agencies agree with.

Latest from Blog

MediSecure hacked with massive ransomware data breach

Summary of ‘MediSecure hit by large-scale ransomware data breach’ TLDR: MediSecure, an Australian prescriptions provider, was hit by a large-scale ransomware attack. The incident is believed to have originated from one of

Equalizing cybersecurity for all

TLDR: A discussion on how organizations can enhance their cybersecurity posture with Blumira’s automated threat monitoring, detection, and response solutions. Blumira is working to lower the barrier to entry in cybersecurity for

Big cyber-attacks cost less now

Summary of Unexpectedly, the cost of big cyber-attacks is falling TLDR: Cybercrime costs are expected to rise to $23 trillion by 2027, according to Anne Neuberger Data shows that the economic impact