More data is needed to understand the risks legacy connected medical devices pose to the healthcare system, particularly in their vulnerability to cyberattack. That was the key finding of a report contracted by the US Food and Drug Administration to the MITRE Corporation. The report was released on 15 November.
The report made four broad recommendations, including sharing responsibilities for legacy devices, managing vulnerabilities, workforce development, and creating partnerships. It also recommends several projects, including a project to study vulnerability management coordination and a pilot project to collect more data to help stakeholders make decisions about legacy devices…