The FDA has made it abundantly clear that it expects medical device manufacturers and other life sciences firms to have strong cybersecurity management programs. Since the FDA hasn’t always been clear on what it expects on a granular level, the Common Vulnerability Scoring System can provide much-needed guidance.

Common Vulnerability Scoring System (CVSS)
The FDA is directing pharmaceutical and medical device manufacturers to an important document from the nonprofit FIRST organization that helps manufacturers identify and prioritize risk. It’s called the Common Vulnerability Scoring System (CVSS) v3.0.

 …