Cybersecurity vulnerabilities in medical devices: A complex environment and multifaceted problem

Patricia Williams, Andrew Woodward

    Research output: Contribution to journalArticlepeer-review

    158 Citations (Scopus)


    The increased connectivity to existing computer networks has exposed medical devices to cybersecurity vulnerabilities from which they were previously shielded. For the prevention of cybersecurity incidents, it is important to recognize the complexity of the operational environment as well as to catalog the technical vulnerabilities. Cybersecurity protection is not just a technical issue; it is a richer and more intricate problem to solve. A review of the factors that contribute to such a potentially insecure environment, together with the identification of the vulnerabilities, is important for understanding why these vulnerabilities persist and what the solution space should look like. This multifaceted problem must be viewed from a systemic perspective if adequate protection is to be put in place and patient safety concerns addressed. This requires technical controls, governance, resilience measures, consolidated reporting, context expertise, regulation, and standards. It is evident that a coordinated, proactive approach to address this complex challenge is essential. In the interim, patient safety is under threat.

    Original languageEnglish
    Pages (from-to)305-316
    Number of pages12
    JournalMedical Devices: Evidence and Research
    Publication statusPublished - 20 Jul 2015


    • Cybersecurity
    • Medical devices
    • Risk
    • Safety
    • Security
    • Wireless


    Dive into the research topics of 'Cybersecurity vulnerabilities in medical devices: A complex environment and multifaceted problem'. Together they form a unique fingerprint.

    Cite this