Explore the most recent editions of MPO Magazine, featuring expert commentary, industry trends, and breakthrough technologies.
Access the full digital version of MPO Magazine anytime, anywhere, with interactive content and enhanced features.
Join our community of medical device professionals. Subscribe to MPO Magazine for the latest news and updates delivered straight to your mailbox.
Explore the transformative impact of additive manufacturing on medical devices, including design flexibility and materials.
Learn about outsourcing options in the medical device sector, focusing on quality, compliance, and operational excellence.
Stay updated on the latest electronic components and technologies driving innovation in medical devices.
Discover precision machining and laser processing solutions that enhance the quality and performance of medical devices.
Explore the latest materials and their applications in medical devices, focusing on performance, biocompatibility, and regulatory compliance.
Learn about advanced molding techniques for producing high-quality, complex medical device components.
Stay informed on best practices for packaging and sterilization methods that ensure product safety and compliance.
Explore the latest trends in research and development, as well as design innovations that drive the medical device industry forward.
Discover the role of software and IT solutions in enhancing the design, functionality, and security of medical devices.
Learn about the essential testing methods and standards that ensure the safety and effectiveness of medical devices.
Stay updated on innovations in tubing and extrusion processes for medical applications, focusing on precision and reliability.
Stay ahead with real-time updates on critical news affecting the medical device industry.
Access unique content and insights not available in the print edition of the MPO Magazine.
Explore feature articles that delve into specific topics within the medical device industry, providing in-depth analysis and insights.
Gain perspective from industry experts through regular columns addressing key challenges and innovations in medical devices.
Read the editor’s thoughts on the current state of the medical device industry.
Discover the leading companies in the medical device sector, showcasing their innovations and contributions to the industry.
Explore detailed profiles of medical device contract manufacturing and service provider companies, highlighting their capabilities and offerings.
Learn about the capabilities of medical device contract manufacturing and service provider companies, showcasing their expertise and resources.
Watch informative videos featuring industry leaders discussing trends, technologies, and insights in medical devices.
Short, engaging videos providing quick insights and updates on key topics within the medical device industry.
Tune in to discussions with industry experts sharing their insights on trends, challenges, and innovations in the medical device sector.
Participate in informative webinars led by industry experts, covering various topics relevant to the medical device sector.
Stay informed on the latest press releases and announcements from leading companies in the medical device manufacturing industry.
Access comprehensive eBooks covering a range of topics on medical device manufacturing, design, and innovation.
Highlighting the innovators and entrepreneurs who are shaping the future of medical technology.
Explore sponsored articles and insights from leading companies in the medical device manufacturing sector.
Read in-depth whitepapers that explore key issues, trends, and research findings for the medical device industry.
Discover major industry events, trade shows, and conferences focused on medical devices and technology.
Get real-time updates and insights live from the CompaMed/Medica conference floor.
Join discussions and networking opportunities at the MPO Medtech Forum, focusing on the latest trends and challenges in the industry.
Attend the MPO Summit for insights and strategies from industry leaders shaping the future of medical devices.
Participate in the ODT Forum, focusing on orthopedic device trends and innovations.
Discover advertising opportunities with MPO to reach a targeted audience of medical device professionals.
Review our editorial guidelines for submissions and contributions to MPO.
Read about our commitment to protecting your privacy and personal information.
Familiarize yourself with the terms and conditions governing the use of MPOmag.com.
What are you searching for?
Keep that state-of-the-art package ready and updated with the latest quotes and equipment required to achieve the goal of securing the organization.
February 26, 2025
By: Christopher Gates
Founder & CEO
In my previous column (Jan/Feb issue), I discussed the negative effects of bean counters on cybersecurity efforts and possible ways to mitigate their destructive influence. In this column, I address another, less pernicious roadblock to cybersecurity: human memory.
Humans are odd collectively. While we talk about “collective memory” and “learning from history,” what we actually exhibit is a “collective amnesia.”
For example, consider the following events from history.
Some might say, “Yeah, but some of those are just politics.” However, what are “politics” but the activities groups of people use in making decisions?
Ultimately, what we can take away from this is “humans don’t like to recall things that aren’t comfortable for them.” This is strange because you would assume a species would benefit from retaining and avoiding “bad things” that have occurred in the past. As an example, remembering a tiger ate everyone in your village except for you would sound like a good way to improve the odds of your DNA being passed on to your descendants. So, if the trait is anti-survival then why do we do this?
Behold the weird world of cognitive biases. This is a set of systemic patterns defined by psychologists as deviations from rational judgment by humans. There is a long list of cognitive biases, including confirmation bias, egocentric bias, extension neglect, framing effect (that might be responsible for the “political” influence), etc.
The focus of this article is optimism bias, which causes someone to believe they are less likely to experience a negative event even when all other information indicates the opposite. Psychologists believe we have this bias because we are mortal. If every moment we had to face the fact that each one of us is eventually going to die, we would most likely curl up in the fetal position and wait to die. As such, it makes sense why we have this bias, but it contributes to our demise as well (remember the tiger). (If any of you are immortal, feel free to drop me an email describing if you have the optimism bias or not.)
Currently, we see this occurring with the Bird Flu (H1N1 strain) and a total mishandling of this virus outbreak. We know it has spread widely among farm animals (eggs are largely unavailable and expensive, and every day, we see new notifications of herds of cows being infected). That said, is there mandatory testing of animals and humans for this virus? No, there isn’t. So, when this virus mutates and starts being transmitted from human to human, we will have nobody to blame except ourselves. (By the way, those old N95 masks you saved from the last pandemic won’t help you here; the Bird Flu’s infection vectors include the eyes.)
Combine this optimism bias with bean counters (i.e., the subject of the last Cybersecurity column) and you have the setting for a perfect storm: “We don’t want to remember this, and we don’t want to pay for any mitigations against this future negative event.”
At this point, I can already hear you saying, “Chris, you’re painting a pretty bleak picture here, mate. What am I supposed to do?”
Well, for the answer to that, let’s travel back several decades to 1982. It was then a PBS TV series called “The Constitution: That Delicate Balance” first aired. The program was an amazing series with each episode addressing a specific topic. The setting was Congress Hall in Philadelphia, with all of the participants sitting in a large circle around the host, Fred Friendly. The participants were comprised of both active and past members of government, journalists, and educators. There was even at least one former president. Fred would pose the topic of discussion and then guide the group through specific scenarios; it was an amazing dive into the minds of the movers and shakers of the day. (While I would love to re-watch this series, my eyes would scream from the standard definition video.)
In one episode, the topic was terrorism and among the participants was Secretary of State George Schultz. When asked about a terror attack, he had an interesting response: “Whenever an attack occurs, we have 72 hours in which we can respond in any way we choose. After that time, criticism and obstruction will start to occur.” (I’m paraphrasing here as this is to the best of my recollection; it has been 43 years after all.)
As “defenders,” we can use this same approach. You have evaluated, documented, and received quotes for the state-of-the-art cybersecurity mitigations you feel need to be in place, but the bean counters and collective amnesia have prevented you from moving forward with these plans. This delay puts your organization at risk. Unfortunately, this means you have exhausted your options with regard to putting the proper protections in place (or at least the plan to do so), and without authorization, you’re unable to implement it. As such, at some point, your organization is going to take a hit. When that occurs, so too will you take a hit; remember, bean counters never accept responsibility for their previous actions. Assuming the organization is going to survive this attack, you have 72 hours in which to implement the state-of-the-art mitigations you previously proposed. Everyone will be on board—or at least withhold objections—and some might even take credit for the plan.
With this in mind, keep that state-of-the-art package ready and updated with the latest quotes and equipment required to achieve the goal of securing the organization. In the event of an attack, you won’t have time to reassemble a comprehensive cybersecurity package. It is essential to strike while the board is panicked and seeking a solution. Take the cybersecurity solution directly to the board; don’t allow any middle managers to get in the way.
You’re not going to receive additional funding at a later date, so include support contracts and any ongoing expenses in your package.
Finally, don’t expect anyone to thank you for this or a pat on the back, but it will allow you to accomplish your job.
In the next Cybersecurity column, I will leave these abstract “adverse working environments” as a topic behind and return to more traditional cybersecurity subject matter.
Christopher Gates is a recognized thought leader in medical device cybersecurity and the current co-chair for H-ISAC’s MDSC. He has more than 50 years of experience developing and securing medical devices and works with numerous industry-leading device manufacturers. He frequently collaborates with regulatory and standard bodies, including the CSIA, Health Sector Coordinating Council, H-ISAC, and Bluetooth SIG.
Enter the destination URL
Or link to existing content
Enter your account email.
A verification code was sent to your email, Enter the 6-digit code sent to your mail.
Didn't get the code? Check your spam folder or resend code
Set a new password for signing in and accessing your data.
Your Password has been Updated !
