HSCC issues guide to promote cyber secure medical devices, health IT

Jan 28, 2019 - 03:01 PM
Symantic cyberattack. A woman typing on a laptop and on her mobile phone responding to a cyberattack.

The Healthcare and Public Health Sector Coordinating Council (HSCC) today released a consensus-based guide to developing, deploying and supporting cyber-secure medical devices and health information technology across the product lifecycle and improving information sharing between manufacturers and health care organizations. A public-private partnership of health care companies and providers developing collaborative solutions to mitigate threats to critical health care infrastructure, HSCC developed the Medical Device and Health IT Joint Security Plan in response to 2017 recommendations by the Health Care Industry Cybersecurity Task Force. “The goal of this effort was to align cybersecurity priorities and processes between medical device manufactures and health care providers to lower the cybersecurity risk in medical devices,” said Kevin McDonald, co-chair of the initiative and director of clinical information security at Mayo Clinic. “By creating this alignment we can strengthen the security of medical technology against cyber threats, improve cyber risk management within health care organizations, and better protect patient safety.” Feedback on the plan, which will be updated as needed to adapt to the changing threat environment, may be emailed to JSPFeedback@HealthSectorCouncil.org. 

Related News Articles

Headline
FBI reminds of potentially malicious activity by Iranian cyber actors
The FBI is reminding critical infrastructure organizations to implement mitigations from a June 2025 fact sheet on potential actions by Iranian-affiliated…
Headline
CISA report updates findings on RESURGE malware attacks
The Cybersecurity and Infrastructure Security Agency Feb. 26 released a report that updates findings from last year on RESURGE malware used to gain covert…
Headline
Agencies issue guidance on exploitation of Cisco systems by cyber actors 
U.S. and international agencies Feb. 25 released guidance on protecting Cisco Software-defined Wide-area Networking systems from exploitation by malicious…
Headline
NSA issues guidelines on zero trust architecture
The National Security Agency has released two phases of its Zero Trust Implementation Guidelines for organizations to improve their zero trust architecture.…
Headline
CISA announces town halls to gather public input on proposed cyber incident reporting requirements
The Cybersecurity and Infrastructure Security Agency announced Feb. 13 that it will host a series of virtual town hall meetings to gather public input on…
Headline
AHA podcast: The FBI’s Campaign Against Cyberthreats Part 2
John Riggi, AHA national advisor for cybersecurity and risk, talks with Brett Leatherman, FBI assistant director, Cyber Division, and Gretchen Burrier, FBI…