Modern medical devices offer an unprecedented range of services to medical professionals and patients, allowing access to advanced diagnostics at the touch of a button as part of a larger interconnected health network. On the other side, they also offer an unprecedented level of risk and a large attack surface that can enable malicious actors to exfiltrate sensitive data or conduct ransomware attacks. Medical device makers need to work closely with the federal government and end users to ensure that these vital devices are as safe as possible while allowing patients to receive the top-quality technology-enabled care they need.

In this session, Kevin Fu, acting director, medical device cybersecurity, FDA Center for Devices and Radiological Health, will discuss:

• The state of medical device security, and overcoming archaic engineering principles
• Utilizing threat modeling to identify potential vulnerabilities before they are exploited
• Promoting education and awareness to enhance end-user resilience