April 3, 2023
TORONTO, March 31, 2023 – Cybeats Technologies Corp. (“Cybeats'' or the “Company”)(CSE: CYBT) is pleased to provide an update following the FDA's new Refuse-to-Accept (RTA) Authority as of March 29, 2023. The FDA’s new Authority, moving from its previous recommended guidance on medical device premarket submissions, helps further validate the market for Software Bill of Materials (SBOM) management solutions like SBOM Studio.
The FDA’s role in regulating cybersecurity for medical devices has significantly increased as the FDA can now reject or approve premarket submissions for medical (cyber) devices based on whether they meet section 524B of the Federal Food, Drug, and Cosmetic Act (FD&C Act). An important section 524B requirement is that medical device manufacturers (MDMs) provide a SBOM for the device's commercial, open source and off-the-shelf software components.
An ability to institute an RTA (Refuse to Accept) decision highlights the FDA's commitment to cybersecurity in medical devices and the importance of SBOMs in enabling a transparent and accountable software supply chain. Cybeats is already servicing one of the largest MDMs globally, and is also in trial evaluations and late stages of contract negotiations with multiple other leading global MDMs.
“Medical device manufacturers, especially larger organizations, potentially need to manage thousands of SBOMs for their medical devices, and provide these to the FDA or else face the risk of having the FDA issue a ‘refuse to accept’ decision on their premarket submissions, especially for submissions after October 1, 2023. It’s therefore urgent that medical device manufacturers swiftly prioritize the adoption of SBOM and SBOM management solutions, such as SBOM Studio, within their organizations,” said Yoav Raiter, CEO, Cybeats.
The Consolidated Appropriations Act (‘Omnibus’) was recently signed into law in late 2022. Section 3305 of the Omnibus bill featured an important amendment of the Federal Food, Drug, and Cosmetic Act (FD&C Act), section 524B, entitled ‘Ensuring Cybersecurity of Medical Devices’. MDMs must disclose a comprehensive list of software components used in their devices, including third-party and open-source components, identify and address postmarket vulnerabilities and provide postmarket patches.
A 2022 FBI report cited research finding 53% of medical devices and other connected products in hospitals had known critical vulnerabilities. Section 524B enhances the FDA's visibility into medical device security, enabling better assessment of cyber attack risks. The RTA (Refuse to Accept) for premarket cybersecurity submissions grants the FDA the authority to accept or refuse submissions based on whether they have met the section 524B cybersecurity requirements.
To proactively manage cybersecurity risks, MDMs must establish an accurate inventory of device components, develop vulnerability management and risk assessment processes, provide device patches, and maintain records of device changes. MDMs beyond creating and sharing a SBOM need to manage vast amounts of SBOM data, which establishes an urgent need for solutions like Cybeats' SBOM Studio.
Cybeats' SBOM Studio enables organizations to efficiently manage, distribute, and view their Software Bill of Materials (SBOMs) in a single interface. By doing so, they can easily identify and address cybersecurity vulnerabilities, reduce the cost of protection, and improve compliance. SBOM Studio is specifically designed to support software producers and consumers who use open source and 3rd party software components and who are transitioning to more transparent software development practices. The platform is compatible with various SBOM generation tools and can validate and correct imported SBOMs to improve their accuracy.
• Ability to ingest SBOMs from any source
• Semantic evaluation of SBOMs
• SBOM Quality Score
• Automated SBOM Management
• Accelerated Vulnerability Management
• Improved Workflow for Security Operations
• SBOM Sharing and Exchange
• Data-Driven Business Decisions
• Regulatory Compliance and Licence Infringement
• VEX functionality
Cybeats is a cybersecurity company providing SBOM management and software supply chain intelligence technology, helping organizations to manage risk, meet compliance requirements, and secure their software from procurement to development and operation. Our platform gives customers comprehensive visibility and transparency into their software supply chain, enabling them to improve operational efficiency and increase revenue. Cybeats. Software Made Certain. Website: https://cybeats.com
SUBSCRIBE: For more information, or to subscribe to the Company’s mail list, visit: https://www.cybeats.com/investors
James Van Staveren
Phone: 1-888-713-SBOM (7266)
Except for statements of historic fact, this news release contains certain "forward-looking information" within the meaning of applicable securities law. Forward-looking information is frequently characterized by words such as "plan", "expect", "project", "intend", "believe", "anticipate", "estimate" and other similar words, or statements that certain events or conditions "may" or "will" occur. Forward-looking statements are based on the opinions and estimates at the date the statements are made, and are subject to a variety of risks and uncertainties and other factors that could cause actual events or results to differ materially from those anticipated in the forward-looking statements including, but not limited to delays or uncertainties with regulatory approvals, including that of the CSE. There are uncertainties inherent in forward-looking information, including factors beyond the Company’s control. There are no assurances that the commercialization plans for the products described in this news release will come into effect on the terms or time frame described herein. The Company undertakes no obligation to update forward-looking information if circumstances or management's estimates or opinions should change except as required by law. The reader is cautioned not to place undue reliance on forward-looking statements. Company filings are available at sedar.com.
 FD&C Act section 524B “Ensuring Cybersecurity ofDevices”, para. (b) (3).
 Until October 1, 2023 the FDA is expected to work collaborativelywith MDMs on their premarket submissions to ensure they meet the section 524Bcybersecurity requirements.
November 27, 2023
The Health-ISAC membership includes over 700 healthcare providers, pharmaceutical companies, and MDMs from around the globeRead More →
November 7, 2023
A U.S. White House statement released on October 31, 2023 followed a White House Executive Order on artificial intelligence (“AI”), that included novel software inventory requirements on AI. This statement featured Cybeats as part of an innovative industry coalition in support of the White House on this new AI Executive order.Read More →
November 3, 2023
Cybeats is a cybersecurity company providing SBOM management and software supply chain intelligence technology.Read More →