All systems fail; the difference is the consequences. An implanted medical device may have different threats, technologies, and attacker motivations than a banking or telecom system, but the security principles are the same. The recent FDA-issued guidance, while new to the mandate but not to the technology/security industry, states that all new medical device applicants must now submit a plan on how to:
