“Smart” but Insecure: Improving Medical Device Cybersecurity
As “smart” medical devices continue to proliferate across the healthcare sector, healthcare organizations have been increasingly targeted by ransomware and other debilitating cyber attacks. These devices are often vulnerable to attacks, potentially allowing malicious hackers to steal patient data, modify medical exam results, or disrupt life-supporting machines. These policy briefs propose that the Food and Drug Administration establish a clear list of cybersecurity requirements for medical devices to receive FDA approval, including the use of Device Query interfaces.
These briefs were completed as part of a project for the 2021 Aspen Tech Policy Hub Fellowship, a program to teach technology experts how to impact policy.