Medical Devices

Also, IHH Healthcare is now offering AI-based sleep monitoring solutions.

The Advanced Research Projects Agency for Health, ARPA-H, seeks to scale hospitals' cybersecurity capacity by automating patch deployments across networks and medical devices, speeding the time from vulnerability detection to software updates.

The company's Dream Sock, which received FDA 510(k) clearance in November, gathers real-time health readings, including a baby's sleep trends and pulse rate.  

The Agency has qualified Apple's atrial fibrillation history feature as a medical device development tool, allowing it to be used in clinical trials.  

To improve healthcare cybersecurity, an organization can shore up Internet-enabled device misconfigurations by starting with CIS Benchmarks, before moving on to industry-specific standards, Fortra’s Tyler Reguly said.

Also: CloudWave and FDA extend their threat intelligence partnership to offer an open-source vendor assessment framework.

Most hospitals do not patch medical devices at the same frequency as traditional networks and need compensating security controls to address their unquantified device vulnerabilities, says Richard Staynings, chief security strategist at Cylera.

The agency further defines when it considers a device to be Internet-enabled, proposes to add vulnerability disclosures and makes recommendations for cyber device maintenance plans and patch timelines.

Regulatory controls can provide a false sense of security, but there's a way to get ahead of cyber adversaries, said panelists at the HIMSS24 Healthcare Cybersecurity Forum.

Also: NIH awarded Mount Sinai researchers $4 million to develop an artificial intelligence-powered model to detect adverse outcomes of obstructive sleep apnea.