Why medical device vulnerabilities are hard to prioritize

Medical devices, operating systems and software in healthcare organizations are increasingly vulnerable to cyber attacks, causing concern among infosec experts. Although these devices often provide essential care for patients, they frequently run on legacy technology that no longer receives updates. The FDA is implementing new rules requiring medical device manufacturers to include information about device cybersecurity in pre-market submissions, but experts believe more needs to be done to fully protect against potentially fatal cyber attacks targeting healthcare systems.