Virta Blabs

bac.jpg

Should I 510(k) or Should I Go? What New FDA Guidance Means and Why it Matters

Posted by Ben Ransford on Oct 27, 2017 7:30:00 AM

This week FDA released several crucial guidance documents that are strongly relevant to cybersecurity. In regulatory fashion, the documents have very different names and are easy to tell apart, making it easy to talk about them at the same time.

Read More

Topics: Medical Device Security, IoT, Connected Medical Devices

Why Penetration Testing in Healthcare Isn't Enough

Posted by Ben Ransford on Jun 26, 2017 7:01:00 AM

That thumping sound is the drumbeat of healthcare cybersecurity news stories. Ransomware, malware, spyware, records theft, covered entities, breaches. Suddenly hospital board members are asking questions about cybersecurity preparedness. That's healthy.

When the board starts knocking, well-meaning CISOs and security teams spring into action, ordering up assessments and other services from a growing cottage industry of third-party security consultants. That's healthy too — healthcare is one of many industries that needs an ecosystem of support around security activities.

The best assessments are sound, complete, and actionable. The worst ones ain't.

Given a statement of work from a third-party assessor, how can you tell whether it's sound, complete, and actionable? That's for a forthcoming post. This post is about one kind of unhelpful assessment: the kind that's only a penetration test.

Read More

Topics: Clinical Cybersecurity, Connected Medical Devices, Medical Device Risk Assessments

How health systems recognize cybersecurity awareness month: medical device security webinars

Posted by Kevin Fu on Oct 13, 2016 10:30:48 PM

How is your health system recognizing October as National Cybersecurity Awareness Month? Last year, we were invited to speak in an exclusive webinar for clinical engineers and IT staff at the 12 hospitals within the University of California Health System. This year, we help hospitals recognize National Cybersecurity Awareness Month in two ways. First, we co-authored a commentary in Modern Healthcare with our colleagues from AAMI, UMHS, and BIDMC on why hospitals need better cybersecurity, not more fear. Second, we decided to make a live webinar available to any health system! To learn more, sign up for our Halloween Medical Device Security webinar. 
Register for Free Webinar

Read More

Topics: Medical Device Security, Healthcare IoT, Healthcare IT, Clinical Information Security, Connected Medical Devices

Virta Labs Receives $750K Grant for Healthcare Security

Posted by Ann Gookin on Mar 25, 2016 6:00:00 AM

Ann Arbor, MI, March 25, 2016 — Healthcare security company Virta Laboratories, Inc. received a $750K grant from the NSF Small Business Innovation Research (SBIR) program. Virta Labs provides solutions for hospitals and medical device manufacturers to measure and visualize exposure to cybersecurity risks without interrupting clinical workflow. The company plans to use the federal grant to extend its product lines into healthcare delivery organizations that face serious cybersecurity challenges. Virta Labs received a Phase I grant from the same program in 2015.

Read More

Topics: Healthcare Cybersecurity, NSF SBIR, Medical Device Security, Healthcare IoT, Clinical Engineering, Connected Medical Devices

INTERN SPOTLIGHT: JESSICA HACKS MEDICAL DEVICES

Posted by Ann Gookin on Jan 26, 2016 4:33:24 PM

I asked our (now famous) intern Jessica to share a sampling of some of the "crazier" things she's seen during her time at Virta.  Read on for a selection of her findings while poking around on some medical devices.

 

Read More

Topics: RECRUITING, Healthcare Cybersecurity, Medical Device Security, Healthcare IoT, COTS, Connected Medical Devices