Effective cybersecurity starts with a full list of medical devices and facility-related control systems to be protected. Our experience in building such inventories helps you to cover all the items concerned. Besides hardware, software, and firmware, your asset inventory for cyber protection is also likely to include data. The inventory that we build with you will therefore also include the different types of data for each medical device and FRCS (for example, patient health information, system configuration and control data, and administrative records) and physical data storage locations.
A complete inventory is the basis for applying cybersecurity. It also allows devices and systems with known vulnerabilities or security defects to be identified immediately. For example, a recent bulletin from the FDA singled out a specific infusion pump product with weak security that could allow an unauthorized user to control the device and alter the dosage delivered by the pump. By keeping the inventory up to date, it becomes a handy checklist for quickly assessing the need to respond to further device or system information from government agencies and other entities.