
CISA and the FBI have released a report guiding medical device manufacturers on how to code their devices securely.
At the top of the priority list is a new recommendation to phase out the use of C and C++ in medical device software. While these languages can be useful in certain circumstances, they significantly compromise the security of devices.
So, what can you do about it?
Efforts to improve the security aspects of these languages are already underway. However, they may not offer a complete solution. And while transitioning to newer languages like Rust is an option, it might render existing C/C++ libraries incompatible.
What’s the answer?
This episode solves the puzzle—and here's a spoiler: it involves strategic planning. With the first deadline set for January 2026 and final submissions scheduled by 2030, these guidelines are set to bring about significant changes.
My guest, Jacob Barkai, has over a decade of experience in application development and just as much expertise in tackling security challenges.
If you like this episode, please share it with a friend 💚
Securely yours,
Cyber Doctor