NEWS!!

LATEST UPDATES

NIST FRAMEWORK:

On January 10, 2017, NIST released proposed updates to Cybersecurity Framework. This draft Version 1.1 of the Cybersecurity Framework seeks to clarify, refine, and enhance the Framework. Updates were derived from feedback NIST received since publication of Cybersecurity Framework Version 1.0, including responses to a December 2015 RFI entitled Views on the Framework for Improving Critical Infrastructure Cybersecurity(link is external) and discourse at Cybersecurity Framework Workshop 2016.


FDA WEBINAR – Postmarket Management of Cybersecurity in Medical Devices Final Guidance – held on January 12, 2017:

On January 12, 2017, the FDA hosted a webinar for industry to review, discuss and answer questions regarding the “Postmarket Management of Cybersecurity in Medical Devices Final Guidance” document.

This final guidance informs industry of the Agency’s recommendations for managing postmarket cybersecurity vulnerabilities for marketed and distributed medical devices by:
1.clarifying the FDA’s recommendations for managing postmarket cybersecurity vulnerabilities;
2.emphasizing that manufacturers should monitor, identify, and address cybersecurity vulnerabilities and exploits as part of their postmarket management of medical devices;
3.establishing a risk-based framework for assessing when changes to medical devices for cybersecurity vulnerabilities require reporting to the FDA; and
4.outlining circumstances in which the FDA does not intend to enforce reporting requirements under 21 CFR, part 806.

 

FDA Postmarket Management of Cybersecurity in Medical Devices Final Guidance Webinar Slides

 

 


Medical Device Vulnerability Intelligence Program for Evaluation and Response (MD-VIPER) Webinar, January 31, 2017. The NH-ISAC and MDISS hosted a webinar for industry to review, discuss and answer questions around MD-VIPER, a program of the medical device ISAO, and how it supports the FDA “Postmarket Management of Cybersecurity in Medical Devices Final Guidance.”


 

Press Releases

NH-ISAC and MDISS Partner to Form Medical Device Security Information Sharing Initiative

The National Health ISAC and the Center for Internet Security Partner to Strengthen National Healthcare & Public Health Cybersecurity Resilience

MDISS Launches ‘WHISTL’

Press Coverage