Cybersecurity: Mitigating Risk at the System-Level
Arguably one of the largest concerns regarding the Internet of Things (IoT), cybersecurity is a hot topic when it comes to developing a new product. Products connected to the IoT, or communicating with a larger network of devices, are often vulnerable to external technical attacks. These attacks cause the device to malfunction or work against its intended use, and in the most serious of cases, harmfully affect users, possibly resulting in death.
So, the million-dollar question is, how can product manufacturers ensure their device is secure from all vulnerabilities?
Security should start at the system-level. From a software system perspective, formulate a cybersecurity plan incorporating the compliance standards in which the device needs to meet and identifying all possible cybersecurity threats and risks. The high-level framework should include cybersecurity identification, protection, detection, response, and recovery. This document will act as a guide during the life cycle of the device, in design and development, and in maintenance.
Recently, the medical device industry has been experiencing cybersecurity threats resulting in costly product recalls and harmful brand and quality recognition for the manufacturer. While large medical device manufacturers like Medtronic and Guardant Health have been experiencing threatening cybersecurity issues, much of this could have been avoided when designing the device at the system-level. Simply put, consider cybersecurity when designing the device’s firmware or cloud system. Utilize engineering best practices to ensure the proper authentications are in place, for example, how will the network identify and authenticate your device? Have you considered zero touch provisioning (ZTP) to eliminate the risk for human error with automated security key generation?
If you are worried that you lack the proper cybersecurity protocols to ensure your device is safe from attacks, we are here to help.
No Comment
You can post first response comment.