Understanding BD’s Product Security Partnership Program




With the recent technological advancements in healthcare, medical device players have faced cybersecurity risks time and again in recent years. The cybersecurity threat exposes patients’ confidential data with personal and health information at risk. In October 2016, Johnson & Johnson (JNJ) warned its insulin pump users of security vulnerability of its device. During the same period, St. Jude Medical, which is now part of Abbott Laboratories (ABT), faced a case alleging the vulnerability of its devices to cybersecurity risk. Recently, in October 2017, Boston Scientific (BSX) faced claims of cybersecurity vulnerability of its portable cardiac rhythm management systems.

On December 11, Becton, Dickinson and Company (BDX), or BD, announced that the company has established a Product Security Partnership Program. The program aims to enhance the medical devices and technology cybersecurity through collaborations across the industry.

On December 11, BD stock declined ~0.62%. The Vanguard S&P 500 ETF (VOO) gained ~.32% on the day. BDX accounts for ~0.21% of VOO’s total holdings.

Article continues below advertisement

New program comprises three primary components

BD’s Product Security Partnership Program has three components, as below:

  • Participation with industry associations, government agencies, and security researchers
  • Participation in the UL Cybersecurity Cooperative Research and Development Agreement and collaboration with UL for the use of ANSI UL 2900 cybersecurity standard and
  • BD’s new cybersecurity vendor certification program which will provide the verification of third-party security technologies for compatibility and performance. As per BD, initial members of this certification program are Attivo Networks and Cylance.

Management Speak

According to Rob Suarez, Director, Product Security, BD, “Intelligent and connected medical technologies have transformed how health care providers diagnose and treat patients. As cyber attacks become more sophisticated and attempt to find vulnerabilities through an interconnected health system, medical technology companies, health care providers and government agencies need to collaborate even more to protect patients.”


More From Market Realist