DITTA White Paper on Cybersecurity 2019

Brussels - 11 February 2019


DITTA announces today the release of its new White Paper on cybersecurity, which shares best practices in the medical technology manufacturing environment. This White Paper identifies a series of industry best practices and guidelines that medical technology manufacturers can implement to improve their cybersecurity sophistication within their manufacturing facilities and engineering processes.

This document provides guidelines for proactive and reactive security, with a focus on people, processes, and systems. It addresses how manufacturers can increase their levels of cybersecurity sophistication through following seven fundamental principles:

1.       Segmenting Networks

2.       Understanding Data Types and Flows

3.       Hardening Devices

4.       Monitoring Devices and Systems

5.       User Management

6.       Updating Devices

7.       Providing a Recovery Plan/Escalation Process.


For each of these fundamental principles, the relevant document sections contain an identification of threats, their relevance (including appropriate informative reference standards or other documents that may apply), an analysis to determine implications, and recommendations that manufacturers should incorporate.

Nicole Denjoy, Chair of DITTA, said, “We are proud to announce the release of this Paper, a truly international effort.” Ken Zalevsky of Bayer, representing MITA, and Chair of the DITTA Cybersecurity Working Group, noted, “This Paper provides valuable insights and ideas that will help manufacturers mitigate their potential cybersecurity risk.” “The White Paper reflects the consensus of a variety of medical technology manufacturers,” added Keiichiro Ozawa of FUJIFILM, representing JIRA, and the Vice Chair of the DITTA Cybersecurity Working Group.

The White Paper can be found here.