IMPLEMENTING MEDICAL DEVICE CYBERSECURITY James Baker is guest columnist on Med Device Online

Connectivity is ubiquitous – it’s moved beyond an overhyped buzzword and become part of life. Offering ever-advancing levels of access, control, and convenience, widespread connectivity also increases the risk of unauthorised interference in our everyday lives.

In what many experts believe was a world first, manufacturer Johnson & Johnson recently issued a warning to patients on a cyber-vulnerability in one of its medical devices. The company announced that an insulin pump it supplies had a potential connectivity vulnerability. The wireless communication link the device used contained a potential exploit that could have been used by an unauthorised third party to alter the insulin dosage delivered to the patient.

It’s not hard to imagine the devastating impact to both consumers and the company if the reported vulnerability had been exploited. However, risks such as security will not prevent evolution of connected devices – demand for ever-increasing levels of convenience and access are driving the continued evolution and adoption of these products and services.

Cyber-security considerations shouldn’t be viewed as stumbling blocks for the connected device concept. Rather, it’s another of the many product requirements which, if considered and specified correctly at the design stage, can be implemented robustly. Above all, cybersecurity can be validated as part of a wider-reaching regulated device development process. It can’t be considered an isolated element to be bolted on, since it inherently helps to define the system architecture of what is developed.

Read full article on