cybersecurity requirements

See the following -

Joint Study between VA and UL shows UL Cybersecurity Standard provides robust risk management for connected medical devices

Press Release | UL | October 16, 2019

The U.S. Department of Veterans Affairs (VA) and UL, a global safety science organization, today announced the completion of a two-year Cooperative Research and Development Agreement (CRADA) Program for medical device cybersecurity. As medical devices are susceptible to cybersecurity attacks, creating both patient safety risks and disclosure risks for protected health information, the VA and UL sought to address an existing gap in the marketplace for cybersecurity standards and practical certification approaches for connected medical devices. With the Internet of Medical Things (IoMT) revolutionizing patient care, increasing efficiency and improving healthcare quality, the VA aimed to find solutions for securing large-scale IoMT device deployments supporting mission-critical care delivery for roughly nine million patients under its care.

Understanding the Cyber Resilience Act: What Everyone involved in Open Source Development Should Know

The European Union is making big changes to cybersecurity requirements with its proposed Cyber Resilience Act (CRA). You may have heard about the CRA’s potential impact on the open source ecosystem. But what does the Cyber Resilience Act mean for you? This post is an introduction to the Act and explains how it may affect the open source maintainers and developer community. Note that this post is based on a draft of the CRA from September 15, 2022. The Act is still in a draft stage and getting feedback, and its provisions may differ before it is passed into law. The Cyber Resilience Act was introduced by the European Parliament in September 2022. Its purpose is to establish cybersecurity requirements for devices and software marketed in the EU. Everybody who places digital products in the EU market will be responsible for additional obligations around reporting and compliance, such as fixing discovered vulnerabilities, providing software updates, and auditing and certifying the products.
