Mr. Justin Leger reports

CYBEATS PARTNERS WITH HEALTH-ISAC, A GLOBAL HEALTHCARE CYBER & PHYSICAL SECURITY ORGANIZATION, TO DELIVER JOINT COMMERCIAL SOLUTION, 'HEALTH-ISAC SBOM STUDIO'

Cybeats Technologies Corp. has partnered with the Health Information Sharing and Analysis Center, a global organization focused on enhancing cyber and physical security in the health care industry.

Cybeats and Health-ISAC will go to market with a joint software bill of materials management solution targeting medical device manufacturers (MDMs) and health care delivery organizations (HDOs).

The Health-ISAC membership includes over 700 health care providers, pharmaceutical companies and MDMs from around the globe, which are actively committed to defending against cyber threats in health care. The partnership will offer the H-ISAC SBOM Studio to H-ISAC members and the broader health care community, which is facing increasing regulations on cybersecurity and the adoption of SBOM. This partnership creates a significant revenue opportunity for Cybeats in the medical device industry.

SBOM Studio has already been commercially validated in this market, and is being used by four of the top 10 global MDMs.

"Partnering with Health-ISAC is a game-changing leap forward for SBOM adoption and medical device security. We're now better positioned to equip the organizations that will realize the greatest benefit from our solutions --those already responding to an evolving regulatory and cyber threat landscape. We're excited to strengthen our ties with the health care sector and are enthusiastic about the commercial opportunity this represents," said Justin Leger, chief executive officer of Cybeats.

The joint solution between Health-ISAC and Cybeats allows MDMs to upload and share SBOMs and vulnerability exploitability exchange (VEX) security artifacts. Health-ISAC members, including HDOs, will benefit by having one central repository to access vital SBOM and vulnerability information, making the process less complex to address threats as they arise. This is a direct response to the Federal Drug Administration's new regulations and guidance, improving risk mitigation efforts, enhancing visibility and streamlining regulatory remits. Cybeats and Health-ISAC will be sharing more information about this initiative at the upcoming Health-ISAC Fall Americas Summit in San Antonio, Tex., Nov. 27 to Dec. 1.

"By partnering with Cybeats, Health-ISAC can offer free access to the SBOM repository for all health delivery organizations around the world -- members and non-members alike. Health-ISAC has always held a unique position when it comes to medical device security by bringing both the manufacturers and the health care delivery organizations together to address joint security issues. The SBOM repository is another groundbreaking step in enhancing security and resilience in the health sector," said Phil Englert, vice-president of medical device security at Health-ISAC.

FDA and medical device security

The U.S. Food and Drug Administration's solidified its role in regulating medical device cybersecurity with its authority to approve or reject premarket submissions based on compliance with Section 524B of the Federal Food, Drug and Cosmetic Act.

This section mandates that medical device manufacturers provide an SBOM for their devices' commercial, open-source, and off-the-shelf software components. To pro-actively manage cybersecurity risks, MDMs must maintain an accurate inventory of device components, develop vulnerability management and risk assessment processes, provide device patches, and maintain device change records. FDA's Refuse-to-Accept (RTA) authority as of March 29, 2023, emphasizes the significance of SBOM management solutions like SBOM Studio. On Sept. 26, 2023, the FDA released final (revised) premarket cybersecurity guidance, which supersedes premarket cybersecurity guidance issued on Oct. 2, 2014. The recommendations in the FDA guidance are intended to help manufacturers meet their obligations under Section 524B of the FD&C Act.

About the Health Information Sharing and Analysis Center (Health-ISAC)

Health-ISAC, a non-profit, private sector, member-driven organization, plays an essential role in providing situational awareness around cyber and physical security threats to the health care sector so that companies can detect, mitigate and respond to ensure operational resilience. Health-ISAC connects thousands of health care security professionals worldwide to share peer insights, real-time alerts and best practices in a trusted, collaborative environment.

As the go-to source for timely, actionable and relevant information, Health-ISAC is a force-multiplier that enables health care organizations of all sizes to enhance situation awareness, develop effective mitigation strategies and pro-actively defend against threats every single day.

About Cybeats Technologies Corp.

Cybeats is a cybersecurity company providing SBOM management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements and secure their software from procurement to development and operation. Its platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency and increase revenue.

We seek Safe Harbor.