Business Wire01.24.17
Promenade Software Inc. is launching MedISAO, an Information Sharing and Analysis Organization dedicated to improving the cybersecurity of medical devices through education, awareness and advocacy. MedISAO provides a community for medical device manufacturers and service providers, to collaborate and distribute information about cybersecurity threats and vulnerabilities that may affect the integrity and security of their devices.
Individuals and companies that are involved in design, manufacturing, or support of medical devices are welcome to join MedISAO. Members receive ongoing cybersecurity risk and threat information, allowing them to proactively address vulnerabilities before device safety is impacted. Participation is for experts and novices. The community will help evaluate vulnerabilities, share applicable response approaches, and promote best practices.
Daniel Beard, director of MedISAO, is a security expert with years of experience in the field. Daniel holds a bachelor of science degree in computer science from the University of California at Irvine. He is passionate about security and heavily involved with the security community. As vice president of technology for Promenade Software, he has designed premarket cybersecurity solutions and is excited to be involved in postmarket vigilance.
“As medical devices become connected to networks, mobile platforms, and the cloud, security becomes paramount. Cybersecurity vulnerabilities create risks for patients and the community,” Beard said. “As director of MedISAO, I am committed to helping preserve patient safety and trust.”
MedISAO is a registered ISAO providing compliance with the U.S. Food and Drug Administration's guidance in the postmarket management of cybersecurity in medical devices. As such, member information is treated as protected critical infrastructure information, shielded from release. If an active participant of MedISAO discovers cybersecurity vulnerabilities postmarket, they will be exempt from the reporting requirements under 21 CFR part 806, provided the threat is remediated within the required timeline, and no serious adverse events have occurred.
Irvine, Calif.-based Promenade Software provides contract software development and postmarket services for medical devices. Its engineers have expertise from low-level firmware to applications, mobile apps, and cloud services. From implementation of premarket cybersecurity to ongoing postmarket security maintenance, Promenade Software is dedicated to the continued effort of increasing medical device security and safety.
Individuals and companies that are involved in design, manufacturing, or support of medical devices are welcome to join MedISAO. Members receive ongoing cybersecurity risk and threat information, allowing them to proactively address vulnerabilities before device safety is impacted. Participation is for experts and novices. The community will help evaluate vulnerabilities, share applicable response approaches, and promote best practices.
Daniel Beard, director of MedISAO, is a security expert with years of experience in the field. Daniel holds a bachelor of science degree in computer science from the University of California at Irvine. He is passionate about security and heavily involved with the security community. As vice president of technology for Promenade Software, he has designed premarket cybersecurity solutions and is excited to be involved in postmarket vigilance.
“As medical devices become connected to networks, mobile platforms, and the cloud, security becomes paramount. Cybersecurity vulnerabilities create risks for patients and the community,” Beard said. “As director of MedISAO, I am committed to helping preserve patient safety and trust.”
MedISAO is a registered ISAO providing compliance with the U.S. Food and Drug Administration's guidance in the postmarket management of cybersecurity in medical devices. As such, member information is treated as protected critical infrastructure information, shielded from release. If an active participant of MedISAO discovers cybersecurity vulnerabilities postmarket, they will be exempt from the reporting requirements under 21 CFR part 806, provided the threat is remediated within the required timeline, and no serious adverse events have occurred.
Irvine, Calif.-based Promenade Software provides contract software development and postmarket services for medical devices. Its engineers have expertise from low-level firmware to applications, mobile apps, and cloud services. From implementation of premarket cybersecurity to ongoing postmarket security maintenance, Promenade Software is dedicated to the continued effort of increasing medical device security and safety.