Becton Dickinson (BD) has initiated the Product Security Partnership Programme to encourage alliances in the healthcare industry for improving the cyber security of medical technology and devices.
The programme seeks partnership with government agencies, industry associations, and security researchers.
BD also plans to collaborate with UL to be a part of the UL cybersecurity cooperative research and development agreement (CRADA) and to use the firm’s ANSI UL 2900 cybersecurity standard.
ANSI UL 2900 is designed to reduce risks and exploitation, tackle known malware, boost security controls and extend security awareness, while CRADA aims to improve patient safety and security.
BD will also implement a cyber security vendor certification programme, under which the firm will verify third-party security technologies compatible with its products.
BD Product Security director Rob Suarez said: “Intelligent and connected medical technologies have transformed how healthcare providers diagnose and treat patients.
“As cyber attacks become more sophisticated and attempt to find vulnerabilities through an interconnected health system, medical technology companies, healthcare providers and government agencies need to collaborate even more to protect patients.”
The firm is participating in the National Institute of Standards and Technology (NIST) Secure Wireless Infusion Pump Programme and worked with the Health Care Industry Cybersecurity Task Force to offer recommendations on enhancing cyber security across the healthcare sector.
BD committed for disclosure of any potential vulnerabilities in its products through the US Food and Drug Administration (FDA) and National Health Information Sharing and Analysis Centre (NH-ISAC).
