Explore the complex world of medical device security in this 48-minute Black Hat USA 2013 conference talk. Delve into the realities of patching medical devices, running anti-virus protection, and addressing misinformation surrounding these critical technologies. Learn about a framework for vendors, buyers, and administrators to enhance medical device security. Witness a live demonstration of a medical device software bug discovered by InGuardians, and gain insights into proper vulnerability disclosure procedures with the FDA. Understand the basics of diabetes management, various types of medical devices, and their FDA classifications. Examine real-world device reporting, FDA involvement, and manufacturer responses to security issues. Discover the challenges of OS updates for medical devices and hear calls to action for improved FDA guidance, device classification, and buyer awareness. Gain valuable knowledge to navigate the intersection of healthcare technology and cybersecurity.
Overview
Syllabus
Intro
Why do you care?
Diabetes 101: What is it?
Diabetes 101: High Sugar
Diabetes 101: Low Sugar
Medical Device and the FDA
Medical Devices to the Rescue!
Independent Medical Device
Peripheral Medical Device
Networked Medical Device
Device Reporting in the Real World
FDA Involvement in Reporting
Animas Reaction to "Bug"
Device Updates: Hero
MYTH OS Updates
Call for Action: FDA Guidance
Call for Action: Classification
Call for Action: Buyers
Final Thoughts
Taught by
Black Hat
Related Courses
-
State of Healthcare Cyber Safety
-
Medical Device Security - Hack or Hype
-
Medical Device Security: An Infectious Disease - Risks and Vulnerabilities
-
Medical Device Security - Please Don't Be Patient
-
Building a Defensive Framework for Medical Device Security
-
Medical Device Cyber Security - The First 164 Years
