News

Nova Leah Shortlisted for Five Top Tech Awards

PRESS RELEASE: Irish Cybersecurity Software Firm Nova Leah Shortlisted for Five Top Tech Awards   [Dublin, Ireland, Oct 22 2019] Dundalk-based company, Nova Leah continues to stand out in the cybersecurity sector, with nominations for five awards across three different technology award events in Ireland. The medical device cybersecurity company, founded by award-winning female entrepreneur …

Nova Leah Shortlisted for Five Top Tech Awards Read More »

Research, Landmark Achievements and the Future: An Interview with Fergal McCaffery

In September, Nova Leah Cofounder, Fergal McCaffery, was appointed the first Professor of Computer Science at Dundalk Institute of Technology and won the Lero President’s Award for Innovation and Entrepreneurship. Fergal is internationally recognised for his contributions to medical device software engineering. His research team has led the development of four International Standards/Technical reports for the global medical device software community.   We …

Research, Landmark Achievements and the Future: An Interview with Fergal McCaffery Read More »

Nova Leah’s Key Takeaways From MedTech Boston

October is National Cybersecurity Awareness Month (NCSAM) in the United States. A collaborative effort between government and industry, this campaign aims to raise awareness about the importance of cybersecurity. This coincides with CyberSecMonth, the EU’s annual equivalent that builds awareness across Europe.   Towards the end of September, before National Cybersecurity Awareness Month had begun, MedTech Boston Conference took place. During this three-day event, more than 3,300 of the world’s top MedTech executives gathered in Boston to discuss the latest news, insights, innovations and business development opportunities related to the medical device industry.   Rather …

Nova Leah’s Key Takeaways From MedTech Boston Read More »

Nova Leah Receives Certification for ISO 27001 and ISO 9001

PRESS RELEASE: Nova Leah in Double Whammy for ISO Certification, Having Successfully Achieved ISO 27001 For Information Security Management and ISO 9001 for Quality Management   [Boston, MA, Monday 23rd September, 2019] Nova Leah, a leading cybersecurity solutions provider for medical device manufacturers, announced this week that it has achieved certification to ISO 9001 in …

Nova Leah Receives Certification for ISO 27001 and ISO 9001 Read More »

Nova Leah’s Key Takeaways From Black Hat and DEFCON 2019

Every August, thousands of cybersecurity professionals and top security minds descend upon Las Vegas to experience what has become one of the biggest weeks in the information security calendar. Dual conferences held back to back, Black Hat and DEFCON, provide a 360 view of today’s security landscape. Tackling the issue of internet security from opposing …

Nova Leah’s Key Takeaways From Black Hat and DEFCON 2019 Read More »

Medical Device Cyber Threats Are Real And Ever Present – How To Implement Effective Security Risk Management

Cybersecurity threats to connected medical devices are real, ever-present, and continuously changing according to the US Federal Drug Administration (FDA). Hospital networks are experiencing constant attempts of intrusion and attack posing a serious threat to patient safety. Increased connectivity of medical devices to hospital IT-networks provides significant benefits to patient care but also exposes both manufacturers, …

Medical Device Cyber Threats Are Real And Ever Present – How To Implement Effective Security Risk Management Read More »

Medical Device Cybersecurity Company Targets $50 Billion Global Connected Medical Device Market

Lero researchers from the Regulated Research Centre at Dundalk Institute of Technology have launched a new medical device cybersecurity company that plans to create 78 jobs over the next four years. The Lero DkIT spinout company, Nova Leah (www.novaleah.com) has developed an expert cybersecurity risk management software application aimed at global medical device manufacturers and …

Medical Device Cybersecurity Company Targets $50 Billion Global Connected Medical Device Market Read More »

Selectevidence®Provides The Medical Device Industry With The Only Expert Cybersecurity Risk Management Solution

NOVA LEAH Continues to set the standard for cybersecurity risk management solutions in the medical device industry The experts at Nova Leah have developed SelectEvidence® to address the industry drivers and challenges facing medical device manufactures today and in the future. SelectEvidence® is a turnkey collaborative cybersecurity expert system that supports medical device manufacturers in designing, verifying …

Selectevidence®Provides The Medical Device Industry With The Only Expert Cybersecurity Risk Management Solution Read More »

Biggest Challenge Facing the Connected Medical Device Industry

Executive Summary

Connected medical device vulnerabilities continue to proliferate at an alarming rate. Hospital networks are consistently under attack posing a
significant threat to patient safety, and medical device manufacturers arestruggling to implement cybersecurity risk management requirements using
proven standardized and collaborative risk management frameworks.

On the regulatory side, conducting a cybersecurity risk assessment is now a mandatory requirement for all connected medical devices. In 2014, FDA
issued guidance for premarket cybersecurity risk management which was quickly followed by a subsequent guidance outlining recommendations for
postmarket cybersecurity risk management. This regulatory document sets out expectations for manufacturers to consider cybersecurity throughout
the entire lifecycle of a device by developing “a structured and comprehensive program to manage cybersecurity risks” even after their products have
been sold.

In this article we explore the biggest challenges facing the medical device industry with regards to cybersecurity and the benefits of implementing an
expert medical device risk assessment software solution such as SelectEvidence® from Nova Leah.

Biggest Challenges Facing the Medical Device Industry with Regards to Cybersecurity

A 2017 Deloitte & Touche LLP poll indicated more than one-third of surveyed professionals in the Internet of Things-connected medical device
ecosystem say their organizations have experienced a cybersecurity incident in the past year. This figure is sure to rise, and will result in significant
impacts to product development resourcing and costs, patient safety and trust, recalls, and potential regulatory fines.

Further polling by Deloitte exposed the following as top challenges to be addressed…


Figure 1: Key medical cybersecurity challenges – Source: 2017 Deloitte Development LLC, Medical Devices and the Internet of Things: A three-layer defense against cyber threats

SelecEvidence® the Expert Cybersecurity Risk Management Solution for Medical Device Industry

The experts at Nova Leah have developed SelectEvidence® to address
these very challenges. SelectEvidence® is a turnkey collaborative cybersecurity expert system
that supports medical device manufacturers in designing, verifying and
certifying connected medical devices to meet these FDA guidelines and
industry security standards. It also assists healthcare providers in the
selection, acquisition and risk management of medical devices on their healthcare networks.SelectEvidence® allows stakeholders to identify cybersecurity
requirements for their devices using proven standards within a
collaborative framework. SelectEvidence® is supported by state of the
art repositories and machine learning capabilities which inform each
step of the risk management process providing full traceability from
risk identification to treatment.SelectEvidence® facilitates and informs all premarket and postmarket
risk management activities. With the functionality to import a Software
Bill of Materials (sBoM), SelectEvidence® continuously surveys for
newly identified vulnerabilities alerting users to these findings and
suggested mitigations. The system is a cradle to grave solution,
managing cybersecurity processes from product development, market
approval, integration, use, to product retirement.SelectEvidence® can be deployed as a standalone cybersecurity expert
system for an individual stakeholder or can be used as a collaborative
solution for managing risk and information sharing between both
manufacturers and healthcare providers.
SelectEvidence® not only assists medical device manufacturers to fully
comply with FDA
recommendations it also:
Accelerates medical device design, development and validation
Addresses the scarcity of security professional resources
challenging many device manufacturers
Automatically generates MDS2 forms
Breaks down knowledge barriers between manufacturers and
healthcare providers, improving the security of a device over its
lifetime
Produces documentary evidence of compliance to regulators,
auditors and customers
Reduces costs associated with postmarket surveillance,
coordinated vulnerability disclosure and reporting
Reduces the likelihood of product recalls due to cybersecurity
vulnerabilities
Reduces the time spent uncovering vulnerabilities and selecting
the appropriate mitigating controls to support a device in
operation
Reduces time-to-market for new 510k and PMA submissions