FDA Appoints Renowned Cybersecurity Researcher to Head Agency's Medical Device Cybersecurity Efforts

Lisa Dwyer, Eric Henry, Steven Niedelman, D. Kyle Sampson, Elaine Tseng
King & Spalding
Contact
LinkedIn
Facebook
X
Send
Embed

Earlier this week, FDA’s Center for Devices and Radiological Health (CDRH) announced the appointment of Professor Kevin Fu, Associate Professor at the University of Michigan, as the Center’s first Acting Director of Medical Device Cybersecurity, which portends increased focus on cybersecurity issues. The appointment of Dr. Fu is for one year, to serve on an acting basis, and includes responsibilities in CDRH’s Digital Health Center of Excellence.

Professor Fu is highly credentialed, with B.S., M.Eng. and Ph.D. degrees from the Massachusetts Institute of Technology (MIT). He co-authored the seminal, well-publicized paper on the cybersecurity vulnerabilities inherent in implantable cardiac defibrillators (ICDs) — “Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero- Power Defenses” (2008). That paper brought the possibility of malicious attacks on connected medical devices to the attention of the industry, FDA, and the public. It was a primary motivator for an increased sense of urgency to address cybersecurity issues across the sector.

For more than 15 years, Professor Fu has been an outspoken champion of increased cybersecurity awareness and the implementation of best practices to protect medical devices and the patients that depend on them. While serving as Associate Professor at the University of Massachusetts Amherst, he founded the Archimedes Center for Healthcare and Device Security and worked as a visiting scientist at Microsoft, FDA’s CRDH, and MIT. Professor Fu has testified before both houses of the U.S. Congress on medical device cybersecurity, and he has served in advisory roles to a number of federal agencies.

This appointment is widely seen by cybersecurity experts as an indicator of FDA’s increased commitment to advance its regulatory guidance priorities. This includes updating its premarket cybersecurity guidance and guidance on the content of premarket submissions for software contained in medical devices, both of which FDA has identified as “A-list” priorities for issuance in FY 2021. It will also increase the technical level of scrutiny the Agency applies to premarket product evaluations and facility inspections.

Written by:

King & Spalding
King & Spalding
Contact
more
less

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide