Published by
@ShahidNShah
@ShahidNShah
Improving Medical Device Vulnerability Scoring
Newly updated Food and Drug Administration guidelines will help experts to more accurately score and communicate the criticality of security vulnerabilities identified in medical devices, says Elad Luz, head of security research at CyberMDX.
The FDA’s new resource, “Rubric for Applying the Cybersecurity Common Vulnerability Scoring System To Medical Devices,” was developed by the agency and The Mitre Corp. and unveiled in October.
When used with the cybersecurity standard CVSSv3.0, the FDA tool provides a common framework for risk evaluation and more accurate severity scoring of security vulnerabilities identified in medical devices by researchers such as Luz, as well as manufacturers, regulators and others, he says.
“CVSS is a widely adopted method for evaluating software vulnerabilities,” including those used in more general IT products, Luz notes.
“The problem is that when you use CVSS for medical devices … you will find unclear areas” that cause disagreements among researchers, manufacturers and regulators about the severity of security vulnerabilities identified in healthcare gear and the risk to patient safety, he says.
Continue reading at healthcareinfosecurity.com
Make faster decisions with community advice
- Oncology practice uses AI to significantly improve end-of-life care
- Predictive models can help stratify patient risk during and after COVID-19
- Evaluating musculoskeletal digital health apps
- AI Leads Way to Less False Positives on Remote Cardiac Monitoring Devices, Improved Results
- Informaticians Working on e-Referrals to Community-Based Organizations
Next Article
-
Oncology practice uses AI to significantly improve end-of-life care
Northwest Medical Specialties’ palliative care consults nearly doubled. Hospice referrals increased twelvefold. The integration of palliative care with advanced cancer helped the practice reach …
Posted Nov 4, 2020aioncology
