Medical device manufacturers are often late in making a patch available, allowing perpetrators to get a foothold into the system, says Richard Staynings, chief security strategist at Cylera.