Cybersecurity and medical devices: Are the ISO/IEC 80001-2-2 technical controls up to the challenge?

Anderson, Scott R.; Williams, P. John

doi:10.1016/j.csi.2017.10.001

Cited by 21 publications

(12 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[33] The current Common Vulnerability Scoring System(CVSS) does not often take clinical environments into account and a common framework for security and safety of this devices will go along way in addressing some of these challenges [30]. The ISO 80001 standards on the application of risk management for IT-networks incorporating medical devices provides guidance on security and risk management for healthcare organisations but its effectiveness in dealing with modern and complex cybersecurity challenges is unknown [34].…”

Section: B Medical Devicesmentioning

confidence: 99%

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Ahmed

Naqvi

Josephs

2019

2019 13th International Symposium on Medical Information and Communication Technology (ISMICT)

View full text Add to dashboard Cite

Cybersecurity incidents are on the rise in the healthcare sector and it is becoming a growing concern for the senior executives. The attack surface is expanding due to the large number of connected medical devices and the proliferation of portable devices such as smart phones, tablets and USB devices. In this paper, we will discuss some of the security challenges facing this sector and propose a set of cybersecurity metrics that could be used to enhance the protection of the IT systems.

show abstract

Section: B Medical Devicesmentioning

confidence: 99%

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Ahmed

Naqvi

Josephs

2019

2019 13th International Symposium on Medical Information and Communication Technology (ISMICT)

View full text Add to dashboard Cite

show abstract

“…20 Some of the malfunctioning medical devices may have an impact on the health of patients. 21 Hospitals operate various devices necessary for keeping people alive. From cardio stimulators to infusions and intubations, monitoring devices in the intensive care units etc.…”

Section: Ransomware As a Threat To Cybersecuritymentioning

confidence: 99%

The Cybersecurity of Healthcare

Filipec

Plasil

2021

OaS (DaS)

View full text Add to dashboard Cite

This article is dealing mainly with cybersecurity of healthcare with a special emphasis on the Benešov hospital (Czech Republic), which was hit by the Ryuk ransomware virus. The case shows that even a well-managed middle-size hospital with a relatively good level of cybersecurity might be significantly hit by the attack. The article first explores the general context of cybersecurity of healthcare with reference to the forms of cyber-attacks involving ransomware and then explores the case of the Benešov hospital (Hospital of Rudolf and Stefanie). The main aim of this article is to derive lessons learned from the case, which might be well used for the management of further incidents of similar nature, which is increasingly important at the times of fight with COVID-19 infection creating new pressure on the system.

show abstract

“…Detailed guidelines are available from FDA (Food and Drug Administration) in both the premarket (U.S. Food Drug Administration., 2018) and post-market phase (U.S. Food & Drug Administration, 2016). It should be noted that the available international standard, while being widely applied, presents significant gaps in the definition of requirements (Anderson and Williams, 2018). Data transfer: the loss or alteration of data may impair the use of the whole wearable device.…”

Section: Giving Proof Of Safety Of a Wearable Sensormentioning

confidence: 99%

Comprehensive Review on Current and Future Regulatory Requirements on Wearable Sensors in Preclinical and Clinical Testing

Ravizza¹,

Maria

Pietro

et al. 2019

Front. Bioeng. Biotechnol.

View full text Add to dashboard Cite

Medical devices are designed, tested, and placed on the market in a highly regulated environment. Wearable sensors are crucial components of various medical devices: design and validation of wearable sensors, if managed according to international standards, can foster innovation while respecting regulatory requirements. The purpose of this paper is to review the upcoming European Union (EU) Medical Device Regulations 2017/745 and 2017/746, the current and future International Electrotechnical Commission (IEC) and International Organization for Standardization (ISO) standards that set methods for design and validation of medical devices, with a focus on wearable sensors. Risk classification according to the regulation is described. The international standards IEC 62304, IEC 60601, ISO 14971, and ISO 13485 are reviewed to define regulatory restrictions during design, pre-clinical validation and clinical validation of devices that include wearable sensors as crucial components. This paper is not about any specific innovation but it is a toolbox for interpreting current and future regulatory restrictions; an integrated method for design planning, validation and clinical testing is proposed. Application of this method to design wearable sensors should be evaluated in the future in order to assess its potentially positive impact to fostering innovation and to ensure timely development.

show abstract

Cybersecurity and medical devices: Are the ISO/IEC 80001-2-2 technical controls up to the challenge?

Cited by 21 publications

References 7 publications

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

The Cybersecurity of Healthcare

Comprehensive Review on Current and Future Regulatory Requirements on Wearable Sensors in Preclinical and Clinical Testing

Contact Info

Product

Resources

About