First Cybersecurity Chief of Medical Devices Takes the Reins at FDA

First Cybersecurity Chief of Medical Devices Takes the Reins at FDA

Kevin Fu, PhD, a pioneer in medical device cybersecurity, joined the US Food and Drug Administration (FDA) earlier this year as expert-in-residence and acting director of medical device cybersecurity, a new 1-year position within the Center for Devices and Radiological Health (CDRH).

Dr Kevin Fu
“He was basically the godfather of the topic,” says Axel Wirth, chief security strategist at MedCrypt, a medical device cybersecurity company based in San Diego, California. In 2008, Fu was part of the team that first demonstrated it was possible to hack into an implantable cardiac defibrillator and potentially harm patients, helping start the field of medical device cybersecurity, Wirth says. It is hoped that Fu’s position at the FDA will increase the ability of the agency and the medical device industry to tackle cybersecurity issues, he notes.webmd.ads2.defineAd({id:’ads-pos-1122′,pos: 1122});The position at the agency has been in the works for some time, Suzanne Schwartz, MD, MBA, director of the Office of Strategic Partnerships and Technology Innovation at the FDA’s CDRH, told Medscape Medical News through a spokesperson. “It is not a reactive gesture by any means. Rather, it is a reflection of CDRH’s state of growth and evolution in its medical device cybersecurity efforts,” Schwartz said.

webmd.ads2.defineAd({id:’ads-pos-520′,pos: 520});”Clinicians and healthcare leaders need to appreciate that medical devices are computers, and all computers naturally have postmarket cybersecurity risks,” said Fu in an email provided by an FDA spokesperson. “That’s why all manufacturers should provide healthcare delivery organizations with regular software updates to keep medical devices safe from evolving cybersecurity threats. Firewalls are not enough.”But as with most projects at the FDA, change won’t be quick. “I view my year as guiding an aircraft carrier in the direction of my vision for improving medical device cybersecurity,” Fu said. “It will take years of continuous effort and leadership on cybersecurity to ensure safe and effective devices as new threats and vulnerabilities inevitably arise.” Fu said that at the end of his 1-year term, he plans to return to his regular duties at the University of Michigan.

webmd.ads2.defineAd({id:’ads-pos-1520′,pos: 1520}); Increased Connectivity, Increased Risk As more medical devices have been equipped with Bluetooth capabilities or have become connected to physician and hospital networks during the past decade, the risk for potential attack or compromise has increased. “What was previously a niche field with little practical risk has changed into one where millions may rely on a particular security implementation,” said Stuart Mendenhall, MD, a clinical cardiac electrophysiology expert at Scripps Memorial Hospital La Jolla, in San Diego, California, in an email to Medscape Medical News.

webmd.ads2.defineAd({id:’ads-pos-141′,pos: 141});The increased connectivity of medical devices evolved in a gradual, ad hoc way. New features were added to improve the clinical experience without a view toward heading off potential security risks, says Vidya Murthy, vice president of operations at MedCrypt, a company focused on healthcare device security.Society at large has become more reliant on technology in all aspects of life, and “cyber adversaries [have become] more sophisticated, stealthy, and more targeted,” says Wirth.

Researchers such as Fu have shown it is possible to maliciously hack pacemakers and implantable cardiac defibrillator, insulin pumps, temperature sensing and control devices, and more. So far, the FDA has not received any reports of deliberate efforts to compromise medical devices in order to hurt patients, Schwartz said. However, connected medical devices have gotten caught up in larger cyber attacks, Wirth says. The 2017 WannaCry attack that affected several National Health Service hospitals in the United Kingdom took down imaging systems and infusion pump devices. Some medical devices were used as a “backdoor” into the system during the attack, according to Wirth.Cybersecurity risks are continuing to grow. Because of the COVID-19 pandemic, use of telehealth has rapidly accelerated. With the shift to more healthcare at home, physicians, patients, manufacturers, regulators, and cybersecurity experts will have to contend with basic medical devices being hooked up to home networks that transmit information via the public network, Wirth says. New approaches, such as home dialysis, could be convenient for patients, but every device needs to be properly secured.

webmd.ads2.defineAd({id:’ads-pos-420′,pos: 420});”The challenge in that acceleration is not to skip over cybersecurity,” Wirth says. Physicians and Cybersecurity In addition to his FDA appointment, Fu is a cybersecurity researcher and director of the Archimedes Center for Medical Device Security at the University of Michigan, in Ann Arbor. He is a professor of computer security and healthcare and a cofounder of Virta Labs, a healthcare cybersecurity company. He has testified at multiple Senate and House hearings on medical device security.”In his research, he’s really future-gazing,” says Murthy of Fu. His position as an academic and researcher could be an asset at the FDA, because he has “a different vested interest than someone from the corporate world — his perspective is rooted in what is equitable across the environment,” Murthy said.The medical device team Fu is joining at the FDA started in 2013, Schwartz said. The department’s responsibilities include issuing safety communications about exploitable flaws in medical device systems and creating guidelines for manufacturers on managing device cybersecurity before and after a product goes to market. Bringing in a global leader in medical device security such as Fu at this point is a reflection of how the program is continuing to grow, according to Schwartz.Medical device cybersecurity seemed to be pushed to the FDA’s back burner last year during the pandemic, but Fu’s appointment suggests it is back on the agenda, says Wirth. Consistent enforcement of cybersecurity standards by the FDA across the industry would help all manufacturers raise the quality of products, concurs Murthy. Figuring out how all the different players in the industry — manufacturers, healthcare professionals, regulators, cybersecurity experts, and others — can communicate effectively about this complex topic would be hugely beneficial, says Wirth.In the past few years, the medical device world has begun to realize the importance of managing medical device cybersecurity throughout a device’s lifecycle, said Fu. “A big part of my year concerns continuous improvement on the medical device industry side in what it means to ‘design in’ cybersecurity during initial product development and on the FDA side to further the education and training programs for FDA reviewers as it relates to device cybersecurity,” he said.Physicians and healthcare providers have a role to play in the cybersecurity ecosystem.Often, the risks of cyber attack don’t outweigh the benefit of using a particular medical device, says Murthy. But physicians should be aware of those potential risks. “Don’t assume that if you’re a physician, that it’s not a topic you need to deal with; you will need to deal with it in the near future,” says Wirth. Follow Medscape on Facebook, Twitter, Instagram, and YouTube.

0

12 Next

Medscape Medical News © 2021 
Send news tips to news@medscape.net.

Cite this: First Cybersecurity Chief of Medical Devices Takes the Reins at FDA – Medscape – Feb 10, 2021.

TOP PICKS FOR YOU

webmd.ads2.defineAd({
id: ‘ads-pos-904’,
pos: 904
});

webmd.ads2.defineAd({
id: ‘ads-pos-906’,
pos: 906
});

webmd.ads2.defineAd({
id: ‘ads-pos-907’,
pos: 907
});

Our Essay Writing Service Features

Qualified Writers
Looming deadline? Get your paper done in 6 hours or less. Message via chat and we'll get onto it.
Anonymity
We care about the privacy of our clients and will never share your personal information with any third parties or persons.
Free Turnitin Report
A plagiarism report from Turnitin can be attached to your order to ensure your paper's originality.
Safe Payments
The further the deadline or the more pages you order, the lower the price! Affordability is in our DNA.
No Hidden Charges
We offer the lowest prices per page in the industry, with an average of $7 per page
24/7/365 Support
You can contact us any time of day and night with any questions; we'll always be happy to help you out.
$15.99 Plagiarism report
$15.99 Plagiarism report
$15.99 Plagiarism report
$15.99 Plagiarism report
$3.99 Outline
$21.99 Unlimited Revisions
Get all these features for $65.77 FREE
Do My Paper

Frequently Asked Questions About Our Essay Writing Service

Academic Paper Writing Service

Our essay writers will gladly help you with:

Essay
Business Plan
Presentation or Speech
Admission Essay
Case Study
Reflective Writing
Annotated Bibliography
Creative Writing
Report
Term Paper
Article Review
Critical Thinking / Review
Research Paper
Thesis / Dissertation
Book / Movie Review
Book Reviews
Literature Review
Research Proposal
Editing and proofreading
Other
Find Your Writer

Latest Feedback From Our Customers

Customer ID:  # 678224
Research Paper
Highly knowledgeable expert, reasonable price. Great at explaining hard concerts!
Writer: Raymond B.
08/10/2021
Customer ID: # 619634
Essay (any type)
Helped me with bear and bull markets right before my exam! Fast teacher. Would work with Grace again.
Writer: Lilian G.
08/10/2021
Customer ID: # 519731
Research Paper
If you are scanning reviews trying to find a great tutoring service, then scan no more. This service elite!
Writer: Grace P.
08/10/2021
Customer ID: #499222
Essay (any type)
This writer is great, finished very fast and the essay was perfect. Writer goes out of her way to meet your assignment needs!
Writer: Amanda B.
08/10/2021
Place an Order

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00
×

Powered by WhatsApp Chat

× How can I help you?

First Cybersecurity Chief of Medical Devices Takes the Reins at FDA

First Cybersecurity Chief of Medical Devices Takes the Reins at FDA

Kevin Fu, PhD, a pioneer in medical device cybersecurity, joined the US Food and Drug Administration (FDA) earlier this year as expert-in-residence and acting director of medical device cybersecurity, a new 1-year position within the Center for Devices and Radiological Health (CDRH).

Dr Kevin Fu
“He was basically the godfather of the topic,” says Axel Wirth, chief security strategist at MedCrypt, a medical device cybersecurity company based in San Diego, California. In 2008, Fu was part of the team that first demonstrated it was possible to hack into an implantable cardiac defibrillator and potentially harm patients, helping start the field of medical device cybersecurity, Wirth says. It is hoped that Fu’s position at the FDA will increase the ability of the agency and the medical device industry to tackle cybersecurity issues, he notes.webmd.ads2.defineAd({id:’ads-pos-1122′,pos: 1122});The position at the agency has been in the works for some time, Suzanne Schwartz, MD, MBA, director of the Office of Strategic Partnerships and Technology Innovation at the FDA’s CDRH, told Medscape Medical News through a spokesperson. “It is not a reactive gesture by any means. Rather, it is a reflection of CDRH’s state of growth and evolution in its medical device cybersecurity efforts,” Schwartz said.

webmd.ads2.defineAd({id:’ads-pos-520′,pos: 520});”Clinicians and healthcare leaders need to appreciate that medical devices are computers, and all computers naturally have postmarket cybersecurity risks,” said Fu in an email provided by an FDA spokesperson. “That’s why all manufacturers should provide healthcare delivery organizations with regular software updates to keep medical devices safe from evolving cybersecurity threats. Firewalls are not enough.”But as with most projects at the FDA, change won’t be quick. “I view my year as guiding an aircraft carrier in the direction of my vision for improving medical device cybersecurity,” Fu said. “It will take years of continuous effort and leadership on cybersecurity to ensure safe and effective devices as new threats and vulnerabilities inevitably arise.” Fu said that at the end of his 1-year term, he plans to return to his regular duties at the University of Michigan.

webmd.ads2.defineAd({id:’ads-pos-1520′,pos: 1520}); Increased Connectivity, Increased Risk As more medical devices have been equipped with Bluetooth capabilities or have become connected to physician and hospital networks during the past decade, the risk for potential attack or compromise has increased. “What was previously a niche field with little practical risk has changed into one where millions may rely on a particular security implementation,” said Stuart Mendenhall, MD, a clinical cardiac electrophysiology expert at Scripps Memorial Hospital La Jolla, in San Diego, California, in an email to Medscape Medical News.

webmd.ads2.defineAd({id:’ads-pos-141′,pos: 141});The increased connectivity of medical devices evolved in a gradual, ad hoc way. New features were added to improve the clinical experience without a view toward heading off potential security risks, says Vidya Murthy, vice president of operations at MedCrypt, a company focused on healthcare device security.Society at large has become more reliant on technology in all aspects of life, and “cyber adversaries [have become] more sophisticated, stealthy, and more targeted,” says Wirth.

Researchers such as Fu have shown it is possible to maliciously hack pacemakers and implantable cardiac defibrillator, insulin pumps, temperature sensing and control devices, and more. So far, the FDA has not received any reports of deliberate efforts to compromise medical devices in order to hurt patients, Schwartz said. However, connected medical devices have gotten caught up in larger cyber attacks, Wirth says. The 2017 WannaCry attack that affected several National Health Service hospitals in the United Kingdom took down imaging systems and infusion pump devices. Some medical devices were used as a “backdoor” into the system during the attack, according to Wirth.Cybersecurity risks are continuing to grow. Because of the COVID-19 pandemic, use of telehealth has rapidly accelerated. With the shift to more healthcare at home, physicians, patients, manufacturers, regulators, and cybersecurity experts will have to contend with basic medical devices being hooked up to home networks that transmit information via the public network, Wirth says. New approaches, such as home dialysis, could be convenient for patients, but every device needs to be properly secured.

webmd.ads2.defineAd({id:’ads-pos-420′,pos: 420});”The challenge in that acceleration is not to skip over cybersecurity,” Wirth says. Physicians and Cybersecurity In addition to his FDA appointment, Fu is a cybersecurity researcher and director of the Archimedes Center for Medical Device Security at the University of Michigan, in Ann Arbor. He is a professor of computer security and healthcare and a cofounder of Virta Labs, a healthcare cybersecurity company. He has testified at multiple Senate and House hearings on medical device security.”In his research, he’s really future-gazing,” says Murthy of Fu. His position as an academic and researcher could be an asset at the FDA, because he has “a different vested interest than someone from the corporate world — his perspective is rooted in what is equitable across the environment,” Murthy said.The medical device team Fu is joining at the FDA started in 2013, Schwartz said. The department’s responsibilities include issuing safety communications about exploitable flaws in medical device systems and creating guidelines for manufacturers on managing device cybersecurity before and after a product goes to market. Bringing in a global leader in medical device security such as Fu at this point is a reflection of how the program is continuing to grow, according to Schwartz.Medical device cybersecurity seemed to be pushed to the FDA’s back burner last year during the pandemic, but Fu’s appointment suggests it is back on the agenda, says Wirth. Consistent enforcement of cybersecurity standards by the FDA across the industry would help all manufacturers raise the quality of products, concurs Murthy. Figuring out how all the different players in the industry — manufacturers, healthcare professionals, regulators, cybersecurity experts, and others — can communicate effectively about this complex topic would be hugely beneficial, says Wirth.In the past few years, the medical device world has begun to realize the importance of managing medical device cybersecurity throughout a device’s lifecycle, said Fu. “A big part of my year concerns continuous improvement on the medical device industry side in what it means to ‘design in’ cybersecurity during initial product development and on the FDA side to further the education and training programs for FDA reviewers as it relates to device cybersecurity,” he said.Physicians and healthcare providers have a role to play in the cybersecurity ecosystem.Often, the risks of cyber attack don’t outweigh the benefit of using a particular medical device, says Murthy. But physicians should be aware of those potential risks. “Don’t assume that if you’re a physician, that it’s not a topic you need to deal with; you will need to deal with it in the near future,” says Wirth. Follow Medscape on Facebook, Twitter, Instagram, and YouTube.

03

12 Next

Medscape Medical News © 2021 
Send news tips to news@medscape.net.

Cite this: First Cybersecurity Chief of Medical Devices Takes the Reins at FDA – Medscape – Feb 10, 2021.

TOP PICKS FOR YOU

webmd.ads2.defineAd({
id: ‘ads-pos-904’,
pos: 904
});

webmd.ads2.defineAd({
id: ‘ads-pos-906’,
pos: 906
});

webmd.ads2.defineAd({
id: ‘ads-pos-907’,
pos: 907
});

Our Essay Writing Service Features

Qualified Writers
Looming deadline? Get your paper done in 6 hours or less. Message via chat and we'll get onto it.
Anonymity
We care about the privacy of our clients and will never share your personal information with any third parties or persons.
Free Turnitin Report
A plagiarism report from Turnitin can be attached to your order to ensure your paper's originality.
Safe Payments
The further the deadline or the more pages you order, the lower the price! Affordability is in our DNA.
No Hidden Charges
We offer the lowest prices per page in the industry, with an average of $7 per page
24/7/365 Support
You can contact us any time of day and night with any questions; we'll always be happy to help you out.
$15.99 Plagiarism report
$15.99 Plagiarism report
$15.99 Plagiarism report
$15.99 Plagiarism report
$3.99 Outline
$21.99 Unlimited Revisions
Get all these features for $65.77 FREE
Do My Paper

Frequently Asked Questions About Our Essay Writing Service

Academic Paper Writing Service

Our essay writers will gladly help you with:

Essay
Business Plan
Presentation or Speech
Admission Essay
Case Study
Reflective Writing
Annotated Bibliography
Creative Writing
Report
Term Paper
Article Review
Critical Thinking / Review
Research Paper
Thesis / Dissertation
Book / Movie Review
Book Reviews
Literature Review
Research Proposal
Editing and proofreading
Other
Find Your Writer

Latest Feedback From Our Customers

Customer ID:  # 678224
Research Paper
Highly knowledgeable expert, reasonable price. Great at explaining hard concerts!
Writer: Raymond B.
08/10/2021
Customer ID: # 619634
Essay (any type)
Helped me with bear and bull markets right before my exam! Fast teacher. Would work with Grace again.
Writer: Lilian G.
08/10/2021
Customer ID: # 519731
Research Paper
If you are scanning reviews trying to find a great tutoring service, then scan no more. This service elite!
Writer: Grace P.
08/10/2021
Customer ID: #499222
Essay (any type)
This writer is great, finished very fast and the essay was perfect. Writer goes out of her way to meet your assignment needs!
Writer: Amanda B.
08/10/2021
Place an Order

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00