A Value Blueprint Approach to Cybersecurity in Networked Medical Devices

Abstract

Cybersecurity for networked medical devices has been usually ``boltedon{''} by manufacturers at the end of the design cycle, rather thanintegrated as a key factor of the product development and value creationprocess. The recently released cybersecurity guidelines by the UnitedStates Food and Drug Administration (FDA) offer an opportunity formanufacturers to find a way of positioning cybersecurity as part offront-end design, value creation, and market differentiation. However,the technological architecture and the functionality of such devicesrequire an ecosystem approach to the value creation process. Thus, thepresent article adopts an ecosystem approach to including cybersecurityas part of their value proposition. It extends the value blueprintapproach suggested by Ron Adner to include an additional dimension thatoffers the opportunity to define: the potential locations ofcybersecurity issues within the ecosystem, the specific nature of theseissues, the players that should be responsible for addressing them, aswell as a way to articulate the added cybersecurity value as acompetitive differentiator to potential customers. The value of theadditional blueprint dimension is demonstrated through a case study of arepresentative networked medical device -a connected insulin pump andcontinuous glucose monitor.