The Food and Drug Administration, the Cybersecurity and Infrastructure Security Agency, and the Health Sector Cybersecurity Coordination Center all released reports this week on three critical challenges facing the health-care industry: communicating medical device risks to patients, securing insider threats, and hardening remote access via virtual private networks. CISA recommendations on hardening VPN access points, which are commonly used for telehealth, telemedicine, patient access, and other applications, is provided in the HC3 warning.
In addition, CISA has released a new tool for public and private sector companies to assess insider threat concerns. Finally, the FDA guidelines intends to assist health care delivery organisations in explaining connected medical device security risks to patients and caregivers, including Cybersecurity events that could have a public health impact. As many small and medium-sized businesses struggle in these areas, the free resources can help shine light on the dangers and best practises that need to be implemented in order to improve overall cyber posture.
According to the FDA, the guidance is aimed at helping industry stakeholders and federal partners create their communication strategy. Clear, proactive communication is one method to safeguard and promote public health while also ensuring that patients who rely on medical devices are kept informed and safe. Interpretability, risks and advantages, resolving unknown dangers, information availability and discovery, a breakdown in communication materials, and outreach tools are among the important parts broken down.