First: Do No Harm. Second: Keep Others From Doing It.
In the wake of discoveries that some medical devices are vulnerable to remote tampering via the Internet, the U.S. Food and Drug Administration (FDA) issued new guidelines this week that are meant to direct medical device manufacturers in beefing up security. The hope is that we'll never have to read about—or worse, personally experience—death or injury because some malware-infected gadget didn't work the way it should.
The FDA recommendations call for device makers to review their cybersecurity practices and test their products with an eye toward ensuring that their authentication setups can limit access to authorized users only. The guidelines also urge health care facilities to be more vigilant in updating their antivirus software, to set stricter controls on who accesses their networks, and to cooperate with device makers to investigate and fix security breaches.