Medical Device Cybersecurity through the FDA Lens

Suzanne B. Schwartz, US Food and Drug Administration

Abstract: 

Medical devices from insulin pumps to implantable cardiac pacemakers are becoming more interconnected, which can lead to safer, more effective technologies. However, like computers and the networks they operate in, these devices may have vulnerabilities that if exploited could threaten the health and safety of patients.

FDA’s approach to medical device cybersecurity is grounded in fostering collaboration and engagement across the broad community of stakeholders. FDA’s Center for Devices and Radiological Health (CDRH) work has involved assessing the landscape; convening stakeholders to understand the challenges and barriers that hinder advances in security; and then working together to identify incentives and solutions. These efforts have necessitated a significant change in culture within the health care sector and the medical device ecosystem.

In this presentation, key milestones will be covered including: publication of premarket and postmarket guidances for management of medical device cybersecurity; three public workshops convened with both government and non-government partners; a memorandum of understanding with NH-ISAC; and federally funded research and development center support, via the Mitre Corporation (MITRE), for CDRH’s medical device cybersecurity strategic initiative. In addition, advances in medical device cybersecurity as described in the recent (April 2018) release of the “FDA Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health” will be highlighted.

Suzanne B. Schwartz, US Food and Drug Administration

Suzanne B. Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). She chairs CDRH’s Cybersecurity Working Group and co-chairs the Healthcare and Public Health Government Coordinating Council. Suzanne graduated from Albert Einstein College of Medicine, trained in General Surgery and Burn Trauma at Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business, and completed Harvard’s National Preparedness Leadership Initiative. Suzanne was recently recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Presentation Audio

BibTeX
@conference {219987,
author = {Suzanne B. Schwartz},
title = {Medical Device Cybersecurity through the {FDA} Lens},
year = {2018},
address = {Baltimore, MD},
publisher = {{USENIX} Association},
}