Medical device cybersecurity involves complex responsibility transitions between manufacturers, healthcare organizations and third-party service providers throughout device life cycles. The FDA's 2022 legislation and updated 2023 guidance mandate security-by-design approaches, requiring manufacturers to demonstrate cybersecurity controls and life cycle management plans. Legacy devices designed decades ago lack these protections, creating ongoing challenges for healthcare organizations managing outdated systems with limited vendor support. Success requires cross-disciplinary collaboration integrating clinical workflows with security requirements while navigating diverse outsourcing models and vendor relationships.

This expert panel discussion will cover:

• FDA regulatory requirements for premarket cybersecurity submissions and post-market vulnerability management;
• Cross-disciplinary governance frameworks integrating clinical, IT, security and biomedical engineering teams;
• Vendor relationship strategies including MedWatch reporting and coordinated vulnerability disclosure processes.