BRONX, NY—The Medical Device Innovation, Safety and Security Consortium (MDISS) has announced it is developing a set of recommended practices and profiles for securing medical systems based on the normative requirements in the widely used ISA/IEC 62443 series of standards for industrial automation and control systems cybersecurity. The intent is to share the information across the network of MDISS member organisations, which includes medical device manufacturers, healthcare software companies, hospital networks and insurance companies.
The ISA/IEC 62443 standards are developed primarily by the ISA99 committee of the International Society of Automation, with simultaneous review and adoption by the Geneva-based International Electrotechnical Commission. ISA99 draws on the input of cybersecurity experts from across the globe in developing standards in a balanced, consensus process that is accredited by the American National Standards Institute. The standards are applicable to all industry sectors and critical infrastructure, providing a flexible and comprehensive framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems.
The MDISS announcement follows the United Nations Economic Commission for Europe confirmation that it will integrate ISA/IEC 62443 standards into its forthcoming Common Regulatory Framework on Cybersecurity.