Health Systems Must Develop Plans to Assume Cyber Responsibility for Medical Devices When Manufacturer Support Wanes

As medical devices grow more connected and reliant on networked systems, healthcare organizations must take a more active role in securing them throughout their lifecycle, according to a new report from Health-ISAC. 

The report outlines the shifting responsibilities of cybersecurity management as devices transition from manufacturer support to the hands of healthcare delivery organizations (HDOs), emphasizing that HDOs cannot rely solely on manufacturers to maintain security over time.

Sections covered in this article include:

• Shifting Cybersecurity Responsibilities to HDOs
• Managing Risks for Legacy Devices
• Documentation and Compliance Challenges
• Take It Away
• A Call for Proactive Security Measures

Read the full article in HealthSystem CIO.com. Click Here

• Related Resources & News
• 2025 Newsletter – March
• Health-ISAC 2024 Annual Report
• Healthcare Cyberattacks Continue to Escalate in 2025
• Trump’s CISA Cutbacks Worry Cybersecurity Pros
• Top 5 cybersecurity concerns for healthcare in 2025
• Change Healthcare’s Mega Attack: 1 Year Later
• Health-ISAC Finds Ransomware & Third-Party Breaches Dominate 2025 Threats
• ISAC chief on CISA security rollbacks: ‘The sky isn’t falling, yet’
• Building a Collective Defense: Collaborative Threat Intelligence and Information Sharing for Critical Infrastructure
• Healthcare Heartbeat 2024 Q4