BD Product Security Annual Report 2023

Keypoints

• Annual cybersecurity reports usually comprise core sections such as an overview of the current cybersecurity landscape, detailed strategies for securing products, risk assessment methodologies, industry collaboration efforts, and future outlooks, providing a comprehensive view of cybersecurity posture and initiatives.
• These reports typically present key statistics, such as the 93% increase in large data breaches and 278% rise in ransomware incidents worldwide between 2018 and 2022, underscoring the escalation of cyber threats against healthcare systems.
• Notable trends include the rapid evolution of cyber threats with increased sophistication, the rise of AI-enabled cyberattacks, and expanding regulatory requirements across major regions like Japan, UK, and US, which emphasize lifecycle cybersecurity management and supply chain security.
• Significant findings emphasize that cybersecurity is integrated into product design—following principles like ‘security by design’—and ongoing vulnerability management during product lifecycle, including patching, threat modeling, and transparent disclosure processes.
• These reports also highlight ongoing industry collaborations, with organizations like H-ISAC, MedTech Europe, FDA, and international regulatory bodies, working together to promote best practices, share intelligence, and develop global standards for healthcare cybersecurity.
• Recurring themes focus on the importance of proactive risk assessments, third-party attestations such as SOC2+ and UL CAP, and transparent vulnerability disclosure to build trust and ensure patient safety in an evolving threat landscape.