The device industry is quite familiar with whistleblower lawsuits, but Cisco Systems Inc., of San Jose, Calif., was recently forced to pay more than $8 million in connection with a qui tam lawsuit over cybersecurity lapses for video surveillance equipment sold to state and federal government agencies. The case suggests device makers will have to be up to speed on cybersecurity if they wish to avoid suffering a similar fate, particularly given a recent warning the FDA posted regarding a widespread cybersecurity vulnerability.

LONDON – France's Agence Nationale de Sécurité du Médicament et des Produits de Santé (ANSM) has published draft guidelines on the cybersecurity of medical devices, becoming the first national regulator in Europe to specify what manufacturers should do to protect devices against malicious attacks.

PERTH, Australia – The Therapeutic Goods Administration (TGA) has unveiled final guidance that details how the Australian regulator considers cybersecurity risks over the life of a medical device, including whose responsibility it is to assess and communicate risk, as well as the expectations for manufacturers under the Essential Principles. Industry had voiced concerns in reaction to the draft version of the guidance – released last December – that related to proposed changes to the Essential Principles and the use of standards. The TGA had proposed two separate guidances – one for device and in vitro diagnostic manufacturers and those that develop software for medical devices and another guidance for users.