The FDA approved a tool Oct. 20 that evaluates and assigns scores to cybersecurity vulnerabilities in medical devices and IT systems.
Mitre Corp., a nonprofit that operates federally funded research and development centers, developed the new rubric. The rubric is for assigning Common Vulnerability Scoring System scores to medical device vulnerabilities and works by developing a framework to evaluate the risks and communicate between all involved parties, including device developers.
As part of the FDA's Medical Device Development Tools program, the new rubric accounts for clinical outcomes assessments, biomarker tests and nonclinical assessments.