#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Device

From October 2023, the US Food and Drug Administration (FDA) will reject any new medical device with cybersecurity vulnerabilities. Under new rules, applicants must provide assurance of regular security updates and patches, a software bill of materials (SBOM), and a plan to monitor, identify and address cybersecurity issues, even after FDA approval. This legislation applies to medical devices that connect to the internet, use software, and have technology that could be vulnerable to a cybersecurity threat.