The impact of Cyber Security incidents on society is high, and in critical infrastructures such as healthcare it impacts the ability for hospitals to provide care.
Cybersecurity for medical devices is not just about safety, it should also protect the confidentiality, integrity and availability of systems and data. This seminar will provide you with an understanding of cybersecurity and its increasing regulatory focus and how to embed and apply state-of-the-art security in your existing processes to deliver safe and secure products and solutions.
Benefits in attending
- Gain a comprehensive overview of the EU, US and global regulations
- Introduction to the various healthcare security standards and their application
- Best practices on how to embed security by design in existing processes
- Receive practical advice on threat modelling
- Better understand security risk management and its linkage to safety management
- Understand shared responsibility and the information needs
Certifications:
- CPD: 12 hours for your records
- Certificate of completion
Course Content
Day 1
Introduction to cybersecurity
Cybersecurity regulatory overview
- For the manufacturer (both medical and non-medical)
- For the user (hospital)
- US focus (FDA, Biden's Executive Order on Improving the Nation’s Cybersecurity)
- EU focus (MDR, MDCG Guidance and upcoming NIS2)
- Global focus (IMDRF and guidance’s around the world)
Security by design
- An introduction to IEC 81001-5-1:2021 Health software and health IT systems safety, effectiveness and security - Part 5-1: Security - Activities in the product life cycle
- Supply chain
- Secure coding
- Testing
- Monitoring
- Coordinated vulnerability disclosure
- Obsolescence/security updates
Security risk management
- Methodologies
- Introduction to threat modeling
- Relation to safety risk management
Day 2
Threat modeling
- Introduction to threat modeling
- Threat modeling exercise
Shared responsibility and the hospital view
Security standards
- For processes
- For products (MD and SaMD)
- For health and wellness apps
- For services and cloud
- For hospitals
- Security certifications
Further security considerations
- Security in the development, manufacturing and service environments
- Shared responsibility
- Security information, e.g., MDS2
Who Should Attend
- Security and privacy specialists
- Risk managers and architects
- R&D, product and project managers
- Regulatory and quality managers
- Software engineers
- Healthcare IT consultants and auditors
