TORONTO, November 27, 2023 – Cybeats Technologies Corp. (“Cybeats'' or the “Company”)(CSE: CYBT, OTCQB: CYBCF) is pleased to announce a partnership with the Health Information Sharing and Analysis Center (“Health-ISAC” or the “Partner”), a global organization focused on enhancing cyber and physical security in the healthcare industry.^[1] Cybeats and Health-ISAC will go to market with a joint Software Bill of Materials (“SBOM”) management solution targeting Medical Device Manufacturers (MDMs) and Healthcare Delivery Organizations (HDOs).

The Health-ISAC membership includes over 700 healthcare providers, pharmaceutical companies, and MDMs from around the globe, who are actively committed to defending against cyber threats in healthcare. The partnership will offer ‘H-ISAC SBOM Studio’ to H-ISAC members and the broader healthcare community, who are facing increasing regulations on cybersecurity and the adoption of SBOM. This partnership creates a significant revenue opportunity for Cybeats in the medical device industry. SBOM Studio^[2] has already been commercially validated in this market, and is being used by four of the top 10 global MDMs.^[3]

"Partnering with Health-ISAC is a game-changing leap forward for SBOM adoption and medical device security. We’re now better positioned to equip the organizations that will realize the greatest benefit from our solutions—those already responding to an evolving regulatory and cyber threat landscape. We're excited to strengthen our ties with the healthcare sector and are enthusiastic about the commercial opportunity this represents,” said Justin Leger, CEO of Cybeats.

The joint solution between Health-ISAC and Cybeats allows MDMs to upload and share SBOMs and Vulnerability Exploitability eXchange (VEX)^[4] security artifacts. Health-ISAC members, including HDOs, will benefit by having one central repository to access vital SBOM and vulnerability information, making the process less complex to address threats as they arise. This is a direct response to FDA’s new regulations and guidance, improving risk mitigation efforts, enhancing visibility, and streamlining regulatory remits. Cybeats and Health-ISAC will be sharing more information about this initiative at the upcoming Health-ISAC Fall Americas Summit in San Antonio, TX, November 27th to December 1st.^[5]

‍

“By partnering with Cybeats, Health-ISAC can offer free access to the SBOM repository for all health delivery organizations around the world - members and non-members alike. Health-ISAC has always held a unique position when it comes to Medical Device Security by bringing both the manufacturers and the healthcare delivery organizations together to address joint security issues. The SBOM repository is another ground-breaking step in enhancing security and resilience in the health sector,” said Phil Englert, Vice President of Medical Device Security at Health-ISAC.

FDA & Medical Device Security

The U.S. Food and Drug Administration’s (“FDA”) solidified its role in regulating medical device cybersecurity with its authority to approve or reject premarket submissions based on compliance with section 524B of the Federal Food, Drug, and Cosmetic Act (“FD&C Act”).^[6] This section mandates that Medical Device Manufacturers (“MDM”) provide a SBOM for their devices' commercial, open-source, and off-the-shelf software components. To proactively manage cybersecurity risks, MDMs must maintain an accurate inventory of device components, develop vulnerability management and risk assessment processes, provide device patches, and maintain device change records. FDA’s Refuse-to-Accept (“RTA”) authority as of March 29, 2023, emphasizes the significance of SBOM management solutions like SBOM Studio. On September 26, 2023, FDA released final (revised) premarket cybersecurity guidance, which supersedes premarket cybersecurity guidance issued on October 2, 2014. The recommendations in FDA guidance are intended to help manufacturers meet their obligations under section 524B of the FD&C Act.

About Health Information Sharing and Analysis Center (Health-ISAC)

Health-ISAC, a non-profit, private sector, member-driven organization, plays an essential role in providing situational awareness around cyber and physical security threats to the Healthcare Sector so that companies can detect, mitigate, and respond to ensure operational resilience. Health-ISAC connects thousands of healthcare security professionals worldwide to share peer insights, real-time alerts, and best practices in a trusted, collaborative environment.

As the go-to source for timely, actionable, and relevant information, Health-ISAC is a force-multiplier that enables healthcare organizations of all sizes to enhance situation awareness, develop effective mitigation strategies and proactively defend against threats every single day. Website: https://h-isac.org/ ^[7]

About Cybeats

Cybeats is a cybersecurity company providing SBOM management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements, and secure their software from procurement to development and operation. Our platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency and increase revenue. Cybeats. Software Made Certain. Website: https://cybeats.com 

SUBSCRIBE: For more information, or to subscribe to the Company’s mail list, visit: https://www.cybeats.com/investors 

Contact:

James Van Staveren

Corporate Development

Phone: 1-888-713-SBOM (7266)

Email: ir@cybeats.com 

Forward-looking Information Cautionary Statement

Except for statements of historic fact, this news release contains certain "forward-looking information" within the meaning of applicable securities law.   Forward-looking information is frequently characterized by words such as "plan", "expect", "project", "intend", "believe", "anticipate", "estimate" and other similar words, or statements that certain events or conditions "may" or "will" occur.   Forward-looking statements are based on the opinions and estimates at the date the statements are made, and are subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those anticipated in the forward-looking statements including, but not limited to delays or uncertainties with regulatory approvals, including that of the CSE.  There are uncertainties inherent in forward-looking information, including factors beyond the Company’s control. There are no assurances that the commercialization plans for the products described in this news release will come into effect on the terms or time frame described herein.  The Company undertakes no obligation to update forward-looking information if circumstances or management's estimates or opinions should change except as required by law.  The reader is cautioned not to place undue reliance on forward-looking statements. Company filings are available at sedar.com.

‍

^[1] https://h-isac.org/    

^[2] https://www.cybeats.com/sbom-studio

^[3]https://www.prnewswire.com/news-releases/cybeats-signs-three-year-seven-figure-contract-with-global-top-5-medical-device-leader-301911903.html

^[4] https://www.cisa.gov/sites/default/files/2023-01/VEX_Use_Cases_Aprill2022.pdf 

^[5] https://industrialcyber.co/event/health-isac-fall/ 

^[6]https://www.cybeats.com/news/fdas-enhanced-role-and-sbom-mandate-further-validates-market-for-cybeats-sbom-studio

^[7] https://h-isac.org/  

‍

‍

‍

‍