Last year's omnibus appropriation bill passed by Congress made a good start with cybersecurity standards for internet-connected medical devices. But it's only one tiny piece of a large and complex puzzle.
ransomware
Imagine you need emergency surgery, but the hospital’s computers are down – victim of a malicious ransomware attack. Processing blood-typing must be done by hand, delaying the results; X-rays can’t be transmitted to the radiologist on call for review. The hospital is refusing to pay the cyber-terrorist's ransom demand. All the while, your medical records (and you) are in limbo.