Cyber Security Expectations in the Medical Supply Chain

In this episode of InfoSec Insider – Talk Cyber, Stuart Moran and George Ryan, Consultants at URM, explore recent shifts in cyber security expectations and regulatory requirements faced by organisations in the medical supply chain, both in the UK and across the globe.  Stuart and George leverage their extensive experience helping organisations in the medical sector enhance information and cyber security to discuss:   

• The NHS’ recent open letter to suppliers, which highlights tighter scrutiny and more direct engagement, and what this means for NHS suppliers
• Which of the NHS’ new cyber security requirements for suppliers (MFA, continuous monitoring and immutable backups) will be most challenging to embed and why
• The biggest gaps and understanding or readiness among suppliers implementing the Data Security and Protection Toolkit (DSPT), and the practical differences between Categories 2 and 3 of the DSPT
• How shifts in standards such as ISO 13485 and the broader medical device regulatory landscape will influence suppliers’ design and manufacturing of their products, particularly around software and AI
• How the FDA’s power to deny market access to medical devices with insufficient cyber security may impact UK suppliers operating internationally, and whether this hints at a broader, global trend towards stricter cyber controls.

Learn more about this topic:

• https://www.urmconsulting.com/blog/iso-13485-and-beyond-key-updates-shaping-the-medical-device-regulatory-landscape 
• https://www.urmconsulting.com/blog/nhs-cyber-security-open-letter-what-does-it-mean-for-suppliers

If you enjoyed this episode of InfoSec Insider – Talk Cyber, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider          

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts        

Brought to you by URM, the UK’s leading information and cyber security specialists.