New FDA cybersecurity standards are a paradigm shift in device security

The new policy changes by the Food and Drug Administration (FDA) require medical device submissions to include a built-in software bill of materials to enhance security. Despite resistance from some manufacturers, the changes will significantly impact medical device and IoMT security. This policy ensures manufacturers disclose known vulnerabilities and increases the security of healthcare infrastructure. It also allows healthcare entities to recognize possible vulnerabilities in their devices. However, the policy’s full impact will only be evident in the coming years.