Report reveals that nearly 90% of product security professionals feel they need to improve on key areas such as SBOM analysis and compliance readiness
Israel, Tel Aviv, April 20, 2022 – Cybellum, the leading provider of the Product Security Platform that enables product and device manufacturers and suppliers to continuously detect, manage, and remediate cyber threats and security vulnerabilities, released today its Medical Device Cybersecurity: Trends and Predictions 2022 Survey Report.
Medical device security has become an extremely complex challenge. With medical devices becoming software-driven machines, and the rapid pace at which cybersecurity risk evolves due to new vulnerabilities, complex supply chains, new suppliers, and new product lines, it has become seemingly impossible to keep the entire product portfolio secure and compliant at all times. It is now more important than ever to learn from peers and try to find the best way forward.
In this survey, security experts from hundreds of medical device manufacturers were asked what their main challenges are and how they plan to address them in 2022 and beyond.
Here are some of the interesting things the survey revealed about medical device manufacturers’ security readiness:
- Respondents’ top security challenge is managing a growing set of tools and technologies, partly explained by the lack of high-level ownership
- 75% of respondents noted that they don’t have a dedicated senior manager responsible for device cybersecurity
- Almost 90% admitted they need to improve on key areas, such as SBOM analysis and compliance readiness
- Almost 50% increased their cybersecurity budget by more than 25% in 2022
- More than 55% of medical device manufacturers do not have a dedicated response team (PSIRT) in place
“We embarked on this survey to gain a more comprehensive understanding of the main challenges facing product security teams at medical device manufacturers, as part of our effort to help to better secure the devices,” said David Leichner, CMO at Cybellum. “Some of our findings were quite surprising and highlight serious gaps that exist both in processes for securing medical devices and in regulation compliance. We believe that medical device manufacturers, their suppliers, compliance professionals, and even product security professionals from other industries, can all benefit from reading the results and key findings from this survey.”
Cybellum enables medical device manufacturers to keep the products they build secure and compliant, every single moment of their life. Industry leaders use Cybellum’s Product Security Platform to fuse security into every phase of the product life cycle. Powered by Cyber Digital Twins™ technology, a live digital replica of every software component inside your devices, Cybellum allows product security teams to manage cyber risk continuously, whatever new threat arises.
From living SBOMs to automated vulnerability management and continuous monitoring, teams can ensure their product portfolio is secure from design to post-production and beyond. To learn more, visit cybellum.com.