The FDA now requires medical devices be secured against cyberattacks

Rising security threats against medical devices raise FDA concerns

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The US Food and Drug Administration (FDA) has confirmed plans to require smart health device manufacturers to meet new cybersecurity measures as more IoT medical devices enter the market.

Themovewill also give the FDA approval to enforce new cybersecurity standards and even reject premarket submissions for new medical devices, as of March 29, 2023 - three months after the omnibus appropriations bill was signed into law.

However, the FDA promises to work with and support companies to meet the new standards for another six months, until October 1.

Cyberattacks on medical devices

Medical devices subject to the new regulations include those that are connected to the internet, those that run software, and those that would otherwise be susceptible to cyberattacks.

Numerous subcategories within the smart health market are all going to be affected, including casual users seeking advanced information from smart scales to more serious applications like blood pressure monitors and even pacemakers.

These are the best endpoint protection tools>Google Cloud launches AI-powered medical imaging platform>This is now the best encryption method for IoT devices, experts claim

The new law requires manufacturers to respond to threats and vulnerabilities by preparing patches rather than running the same factory version of software for its entire lifespan - a change that will see companies having to invest in more developers and other technical knowledge.

Promising news for consumers, however existing inventory and products already in the hands of millions are unaffected by the bill and are unlikely to be updated accordingly for an array of reasons, including technical and hardware incompatibility and simply a manufacturer’s decision to push new products to market.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Moving forward, it is hoped that the new requirements will help address a previousFBIfinding that over half (53%) of digital medical devices and other Internet-connected medical devices had known critical vulnerabilities.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Your doctor may have an AI assistant taking notes during your next Zoom call