I will be speaking December 12th at the 2nd Connected Medical Devices Cyber Security Summit in San Francisco (see https://connected-devices-summit.com/ ) My presentation will focus on two areas:
- Technical -The lack of cyber security and authentication in lower level devices (e.g., process sensors, actuators, power supplies, etc.) in both medical device manufacturing and medical device implementation. These devices have no cyber security nor an ability to cyber secure them.
- Organizational - The lack of coordination between the engineers that design and manufacture the devices and the cyber security organizations that secure the devices. This is a breakdown in governance in almost every industry.
To demonstrate these concerns are real, I will discuss actual medical device control system cyber incidents that have resulted in injuries or death.
I will also be on a panel discussion with Jim Jacobson, Chief Product and Solution Security Officer, Siemens Healthineers, Kelly Aldrich, Chief Clinical Transformation & Digital Officer Center for Medical Interoperability, and Christopher Beeman, Business Development & Connected Technologies Manager UL, LLC.
Topics to be discussed include-
1) The advantages and limitations of current cybersecurity frameworks for large and medium sized organizations"
2) Advantages of defining proper use of personal and employer-provided devices; and creation of a cyberattack response plan
Joe Weiss