Cybersecurity of Medical Devices: Past, Present, and Future

Abstract

The critical importance of effective cybersecurity of connected electronic devices, especially medical devices, has never been more timely. The healthcare industry and patient care are being transformed by an influx of new highly sophisticated and connected devices, with very little awareness of the security risks being incurred by the manufacturer, healthcare provider, physician, or patient. This chapter focuses on understanding the challenges to effective medical device cybersecurity including and addressing the following topics: (i) What are the risks? (ii) What can we learn from the past? (iii) What are the current best practices to mitigate risk today? (iv) Where do we want to be tomorrow? This chapter also delves into the commercial side of this issue and makes recommendations for unifying all of the proposed mitigations in a manner that is palatable to all parties involved.