Products Intelligence Pricing Methodology Contact
TECHNOLOGY, AI & COMPETITION

Medical device cybersecurity

Medical device cybersecurity is now a direct compliance obligation for Technology, AI and Competition sector firms that develop, integrate, or distribute connected health technologies. The U.S. Food and Drug Administration finalized its cybersecurity requirements for premarket submissions under Section 524B of the FD&C Act, and the European Commission's European Medicines Agency is aligning device security expectations with the EU Cyber Resilience Act, creating a dual-jurisdiction burden that legal and risk teams are actively mapping. Compliance officers in this sector are not waiting for enforcement: they are auditing third-party software bills of materials and vendor patch-management commitments now.

Watch

  • FDA Section 524B premarket cybersecurity submission requirements, effective March 2023
  • EU Cyber Resilience Act obligations as applied to connected medical devices and SDKs
  • Software Bill of Materials mandates: which vendor contracts need updated disclosure terms
  • U.S. Federal Trade Commission scrutiny of health data security practices in AI-enabled devices

Recent material activity in Technology, AI & Competition

  • Apr 11, 2026 MATERIAL

    NIST releases updated AI Risk Management Framework companion guide for critical infrastructure

    NIST published AI RMF 1.1 companion guidance specifically addressing AI deployment in critical infrastructure sectors including energy, financial services, and healthcare. The guide introduces mandatory risk assessment c…

    Read a full sample brief →