Over the last 10 years we have spent a lot of time researching cybersecurity vulnerabilities for medical devices. In that time several themes arise repeatedly; information is highly fragmentary, if it can be found at all, and it is poorly cross-referenced. Even our good friends to the South have not managed to compile a good, accessible, and centralized store of cybersecurity information as it relates to medical technology. There are many good sources; the FDA, CISA, HHS, DHS (and many more 3-letter acronyms) but none, that we have found, put all the information in one usable and easily digestible location and format.
Our Goal
Cy4Med.ca hopes to help with fill that void. We have gathered cybersecurity vulnerability information from all over the internet and currently use in excess of 100 sources to concentrate that information. We then do our best to cross-reference the data to allow you to have all the information in one place. Our database has vulnerability information from over 85 medical device vendors, covers 1100+ CVE’s for over 1000 vulnerabilities specific to medical devices. We can tell you if a CVE impacting a medical device is being exploited in the wild to help you prioritize your limited time and resources. We also access and display an algorithm that provides a probability that a vulnerability is going to start being exploited in the next 30 days.
As of July here is some information from our database:
300+
Vendor Alerts only found on their website – NO other sources
100+
Unique sources searched
200+
Medical device related CVE’s that have known exploits
We’re more than just a database
In our extensive exploration of the internet we have amassed an extensive number of documents that relate to cybersecurity, and some specifically to cybersecurity of medical devices. If you need reference materials, guidance documents, or to learn about cybersecurity and healthcare, we very likely have something you’d be interested in reading in our documents repository.
So…. sounds good. How do I get access?
Currently the database exists but is only accessible by SQL queries directly on the database. Our next order of business after getting our site up and running and the document library online is to work out the best front-end for our database. The goal is to have it online for Q2 2024.
Our documents repository is available now and more information on how to access it can be found here.
Membership has its privileges
Site members get early beta-access and offered reduced membership fees as early adopters so please join our community and help contribute.
Leave a Reply
You must be logged in to post a comment.