Cybeats Technologies signed a license agreement for its SBOM Studio with a prominent global medical device manufacturing company.
Cybersecurity provider Cybeats Technologies signed a license agreement for SBOM Studio with a global medical device manufacturing (MDM) company, ranking in the top 5 based on revenue.
This license marks Cybeats’ second commercial agreement with MDM providers from the global top 5. Cybeats also recently announced a pilot evaluation with another MDM from the top 5, and the commercial pipeline has expanded to include several MDMs from the global top 20.
“Securing a contract with another prominent medical device company highlights the increasing demand for SBOM Studio,”said Bob Lyle, CRO of Cybeats. “Our platform offers comprehensive solutions for risk management and supports compliance with the recently mandated FDA requirements, ensuring enhanced cybersecurity for the healthcare industry. We expect that the Healthcare IT and MDM sector will continue to be a significant catalyst for Cybeats’ commercial expansion.”
Cybeats SBOM Studio delivers comprehensive software supply chain intelligence technology, empowering the company to effectively manage software bill of materials (SBOMs) and proactively address cyber risks in their medical device portfolio and beyond.
The FDA’s new Refuse-to-Accept Authority emphasizes the significance of SBOM management solutions like SBOM Studio. This recent contract with a medical device firm underscores the growing expertise in the healthcare security industry vertical, and increasing demand for SBOM solutions within the industry.
The FDA’s role in regulating medical device cybersecurity has significantly increased due to its authority to approve or reject premarket submissions based on compliance with the FD&C Act’s section 524B. This section mandates that MDMs provide a SBOM for their devices’ commercial, open-source, and off-the-shelf software components. The ability to institute an RTA decision emphasizes the FDA’s dedication to medical device cybersecurity and the importance of SBOMs for a transparent and accountable software supply chain.
The Consolidated Appropriations Act (‘Omnibus’) amended the FD&C Act’s section 524B, titled ‘Ensuring Cybersecurity of Medical Devices.’ This requires MDMs to disclose a comprehensive list of software components used in their devices, including third-party and open-source elements, and address postmarket vulnerabilities with patches.
To proactively manage cybersecurity risks, MDMs must maintain an accurate inventory of device components, develop vulnerability management and risk assessment processes, provide device patches, and maintain device change records. The urgent need for managing vast amounts of SBOM data has created a large and growing addressable market for solutions like SBOM Studio.