Governance & Risk Management , Healthcare , Industry Specific

Unforeseen Risks to Medical Devices in Ransomware Attacks

Jessica Wilkerson of the FDA on Evolving Medical Device Cyber Concerns
Unforeseen Risks to Medical Devices in Ransomware Attacks
Jessica Wilkerson, senior cyber policy adviser for medical devices at the FDA (Image: FDA)

While ransomware attacks against medical devices don't happen often, disruptive cyber incidents that affect the availability of the IT systems that medical devices rely on are a big concern that needs the industry's critical attention, said Jessica Wilkerson of the Food and Drug Administration.

"If you pull down a network, and all of your devices depend on the network to communicate with each other to talk to the electronic health record, well, then they can't talk to each other anymore," Wilkerson said.

The fallout from taking networks offline could have major consequences for patients, which is why healthcare experts need to be at the table with IT leaders and chief information security officers when critical decisions are made, she said.

"We need to get people's brains going into considering these risks," Wilkerson said.

In this audio interview with Information Security Media Group (see audio link below photo) conducted at the HIPAA Summit hosted by the U.S. Department of Health and Human Services and the National Institute of Standards and Technology, Wilkerson discussed:

  • Considerations for manufacturers and healthcare delivery organizations about the availability of medical devices during cyber incidents;
  • Cyber issues involving legacy devices, implantable devices and artificial intelligence;
  • The progress and pain points of medical device makers complying with FDA's enhanced cybersecurity expectations;
  • FDA's work on medical device cybersecurity including guidance under development.

Wilkerson is senior cyber policy adviser and medical device cybersecurity team lead at the Center for Devices and Radiological Health within the FDA. Wilkerson, an attorney, examines issues and develops policy related to the safety and effectiveness of connected medical devices.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.