STOCK TITAN

MDIC Publishes First MedTech Cybersecurity Maturity Benchmarking Report

Rhea-AI Impact
(Neutral)
Rhea-AI Sentiment
(Positive)
Tags
Rhea-AI Summary

The Medical Device Innovation Consortium (MDIC) has published its first benchmark report on cybersecurity maturity in the medical device sector, in collaboration with Booz Allen Hamilton (NYSE:BAH). The report serves as a resource for medical device manufacturers (MDMs) and healthcare organizations to enhance cybersecurity measures. Key findings indicate no correlation between annual revenue and cybersecurity maturity, with strengths in organizational structure and weaknesses in cybersecurity design control. MDIC plans to publish this report annually to track industry progress.

Positive
  • MDIC has released the first benchmark report on cybersecurity maturity, providing valuable insights for medical device manufacturers.
  • The report aims to enhance cybersecurity practices and patient safety in the medical device industry.
  • MDIC intends to publish the benchmarking report annually, promoting ongoing improvements in cybersecurity.
Negative
  • The report revealed no correlation between annual revenue and cybersecurity maturity, indicating potential risks for less profitable manufacturers struggling with cybersecurity.

The benchmarking effort from MDIC will serve as a tool and a resource towards identifying best practices in cybersecurity that can be replicated by medical device manufacturers to ensure patient safety and security

ARLINGTON, Va.--(BUSINESS WIRE)-- The Medical Device Innovation Consortium (MDIC) today released the first benchmark report of the medical device industry’s cybersecurity maturity in partnership with Booz Allen Hamilton. The online tool MDIC developed for surveying the medical device industry on cybersecurity practices as well as the baseline findings in this report aim to enable medical device manufacturers (MDMs), Health Delivery Organizations (HDOs), and other stakeholders to more effectively establish long-term strategic plans to increase their cybersecurity maturity and efficiently track their progress.

“The goal of the MDIC Medical Device Cybersecurity Benchmarking Initiative is to measure cybersecurity maturity and benchmark across the industry to drive common improvements that reduce overall cybersecurity risk,” said Andrew Fish, MDIC President and CEO. MDIC collaborated with Healthcare Sector Coordinating Council (HSCC) and leveraged their 2019 Medical Device and Health Information Technology Joint Security Plan (JSP) framework to create the benchmarking survey for MDMs. MDIC and Booz Allen engaged MDMs of all sizes to gather insights into the current posture of their cybersecurity maturity, then aggregated and analyzed the data that is ultimately shared in this benchmark report.

“It is exciting that the release of the MDIC benchmarking report coincides with Cybersecurity Awareness Month,” said Suzanne Schwartz, Director of the Office of Strategic Partnerships & Technology Innovation at the FDA’s Center for Devices and Radiological Health (CDRH). “CDRH is committed to strengthening medical device cybersecurity, and data like those found in the benchmarking report support the overall medical device ecosystem in achieving this goal. We hope that the learnings from the MDIC benchmarking report can further inform future iterations of the JSP framework.”

The benchmark report revealed that there was not a correlation between the amount of a medical device manufacturer’s annual revenue and its cybersecurity maturity score. Overall, for the participating cohort, the industry’s highest level of maturity was related to organizational structure, while the lowest scores were around cybersecurity design control.

“It is well understood that you can’t improve what you can’t measure. Increasingly, cyber safety must be measured against patient safety. Thanks to MDIC, we have a means to begin measuring how medical device companies using the JSP and other frameworks are improving cybersecurity design and development in medical devices that patient safety requires. For HDOs, this is an important resource for their cyber risk management programs,” said Greg Garcia, the Cybersecurity Executive Director at the HSCC.

“We appreciate the strong collaboration among the MDIC, the FDA, HSCC, and MDMs, and hope the rich insights provided in this first-ever cybersecurity benchmarking report will help inform the maturation of medical device cybersecurity both within enterprises and across the industry,” said Andy Speirs, Principal, Secure Connected Health, Booz Allen Hamilton.

In addition to the ongoing benchmarking efforts, MDIC’s Medical Device Cybersecurity Initiative Steering Committee, chaired by Rob Suarez, Chief Information Security Officer for BD (Becton Dickinson), currently focuses on areas such as - threat modeling, penetration testing, and coordinated vulnerability disclosure.

“As an industry, we must keep improving,” said Rob Suarez. “The MDIC benchmarking report provides a baseline for understanding the industry’s current cybersecurity maturity. For medical technology companies, benchmark data provides a useful tool in our collective journey toward advancing cybersecurity in healthcare. Knowing where we stand today can help all of us identify opportunities to boost cybersecurity and resilience, which are essential to protecting patient safety and privacy.”

MDIC’s benchmarking tool will be available as a resource to manufacturers to measure maturity over time. Further, MDIC intends to publish the Medical Device Cybersecurity: Industry Benchmark Report annually that will serve as a critical source of information and further enable the industry to continue to improve product security. Future benchmarking will ideally include an expanded cohort with broader representation across smaller and larger MDMs as well as markets outside the US.

About the Medical Device Innovation Consortium

Founded in 2012, the Medical Device Innovation Consortium (MDIC) is the first public-private partnership created with the sole objective of advancing medical device regulatory science throughout the total product life cycle. MDIC’s mission is to promote public health through science and technology and to enhance trust and confidence among stakeholders. MDIC works in the pre-competitive space to facilitate the development of methods, tools, and approaches that enhance understanding and improve evaluation of product safety, quality, and effectiveness. Its initiative aims to improve product safety and patient access to cutting-edge medical technology while reducing cost and time to market. For more information, visit http://www.mdic.org.

About Booz Allen

For more than 100 years, business, government, and military leaders have turned to Booz Allen Hamilton to solve their most complex problems. As a consulting firm with experts in analytics, digital, engineering, and cyber, we help organizations transform. We are a key partner on some of the most innovative programs for governments worldwide and trusted by the most sensitive agencies. We work shoulder to shoulder with clients, using a mission-first approach to choose the right strategy and technology to help them realize their vision. With global headquarters in McLean, Virginia, our firm employs about 27,200 people globally, and had revenue of $7.5 billion for the 12 months ended March 31, 2020. To learn more, visit www.boozallen.com. (NYSE: BAH)

Todd West, VP Membership & Development

MDIC

twest@mdic.org

Source: Medical Device Innovation Consortium

FAQ

What is the MDIC cybersecurity benchmarking report about?

The MDIC cybersecurity benchmarking report assesses the cybersecurity maturity of medical device manufacturers.

Who collaborated with MDIC on the cybersecurity report?

MDIC collaborated with Booz Allen Hamilton (NYSE:BAH) on the cybersecurity benchmarking report.

When was the MDIC cybersecurity maturity report released?

The MDIC cybersecurity maturity report was released during Cybersecurity Awareness Month.

What are the key findings of the MDIC benchmarking report?

Key findings include strengths in organizational structure and weaknesses in cybersecurity design control, with no correlation found between revenue and maturity scores.

How will MDIC use the cybersecurity benchmarking report?

MDIC plans to use the report to help medical device manufacturers improve their cybersecurity practices and track progress annually.

Booz Allen Hamilton Holding Corporation

NYSE:BAH

BAH Rankings

BAH Latest News

BAH Stock Data

16.59B
125.72M
1.56%
93.7%
2.96%
Consulting Services
Services-management Consulting Services
Link
United States of America
MCLEAN