FDA May Seek Authority To Require Devices Be Designed With Cybersecurity, Have Companies Disclose Vulnerabilities

FDA's device center may ask Congress for authority to require medical device makers build cybersecurity into their upfront product designs and, once a product is marketed, to disclose any vulnerabilities as they are identified. The agency also envisions requiring device makers to include in their premarket submissions a Software Bill of Materials that would be made available to customers and users so they can better manage networked assets and be aware of which devices may be vulnerable. The agency's aggressive...