Dive Brief:

  • FDA has named Kevin Fu, a University of Michigan associate professor, to serve a one-year term as acting director of medical device cybersecurity at the agency’s Center for Devices and Radiological Health.
  • The longtime security advocate and researcher will serve as an “expert in residence” and the FDA’s first medical device cyber chief in CDRH’s Office of Strategic Partnerships and Technology Innovation. His role also includes an appointment with the Digital Health Center of Excellence, which was launched in September to better coordinate policy and regulatory approaches tailored for the fast-growing technologies.
  • Cybersecurity experts applauded the appointment. Chris Gates, director of product security at medical device engineering firm Velentium, said Fu can help FDA make significant progress on the regulatory front in 2021 with release of the second draft of the premarket cybersecurity guidance, and potentially a new draft of postmarket cyber guidance.

Dive Insight:

FDA in 2018 released its Medical Device Safety Action Plan and draft guidance on cybersecurity considerations for premarket submissions. However, since then, the agency has made little progress on the cyber regulatory front, especially last year as FDA’s medical device priorities were disrupted by the COVID-19 pandemic.

Making matters worse, cyber experts contend the chaos of the coronavirus public health crisis has created the perfect storm for hackers to exploit medical device vulnerabilities, which are potentially easy targets for cybercriminals who see them as entry points into hospital networks.

However, cyber experts see Fu’s appointment as FDA’s first medical device cybersecurity chief as an indication that the agency is looking to make cyber a priority in 2021.

Velentium’s Gates described Fu as an academic who “gets” cybersecurity while bringing an innate ability to easily communicate complex cyber topics to lay audiences.

“I can’t think of a better person to fill this role. Not only does he understand all aspects of medical device cybersecurity, but his background spans both small embedded ‘resource constrained’ devices as well as PC-based devices,” Gates added.

With Fu’s appointment, Gates sees 2021 as being a potentially major year for FDA cybersecurity initiatives that stalled last year during the pandemic.

Looking ahead, the new year will be more of a reset as the center looks to both manage coronavirus response-oriented work and move forward with projects unrelated to COVID-19, Jeff Shuren, director of CDRH, said in December.

Suzanne Schwartz, director of CDRH’s Office of Strategic Partnerships and Technology Innovation, said in a written statement Monday that Fu’s academic background and real-world experience combined with “sound” FDA regulatory approaches will “make a potent combination to further advance medical device cybersecurity along with innovation and patient safety in a holistic manner.”

While cyber experts and law enforcement have been raising the red flag for years about the security vulnerabilities of networked medical devices, Nick Yuran, CEO of cybersecurity consultancy Harbor Labs, contends that as the computing and networking technologies in devices have grown increasingly more sophisticated, FDA regulatory policy has become critically important to address these vulnerabilities.

“Creating this new position and bringing someone of Kevin Fu’s caliber into the FDA is testimony to the expanding importance regulators are placing on medical device security,” Yuran said.

7 thoughts on “FDA appoints first medical device cybersecurity chief

  1. whoah this blog is wonderful i really like reading your articles. Keep up the great paintings! You realize, a lot of people are hunting round for this info, you could help them greatly.

  2. whoah this blog is wonderful i really like reading your articles. Keep up the great paintings! You realize, a lot of people are hunting round for this info, you could help them greatly.

  3. I have read so many posts about the blogger lovers however this post is really a good piece of writing, keep it up

Leave a Reply

Your email address will not be published. Required fields are marked *