Medical Device Cybersecurity Risk Management Standards & Regulations Training Course

If your company makes connected devices, you know cybersecurity is paramount. This class digs deep into standards, regulations, and guidance for device cybersecurity, including threats, vulnerability, incident response and more.

This class is available in a virtual instructor-led format!

Medical Device cybersecurity is called out specifically in ISO 14971:2019 and ISO/TR 24971:2020. This training will introduce you to the process of ensuring that cybersecurity risks in connected devices are identified and managed throughout the software lifecycle. You will cover regulations, standards and guidance documents related to medical device cybersecurity including IMDRF cybersecurity guidance, MDCG cybersecurity guidance, FDA premarket and postmarket guidance for cybersecurity, ISO 80001-2 and ISO 14971. Interactive class activities include building a sample threat model during the workshops in the course, by incorporating the principles of cybersafety by design, information sharing, evidence capture, and incident response.

Read Less

Course Dates

Upcoming Dates and Locations

Virtual seminars run as 1/2-day sessions. In-person classes run as full-day sessions. See the virtual session daily class times.

Location	Start Date	Days	Cost	Public	Private
VIRTUAL DELIVERY (Eastern Time)	06/20/2023	4	$2495.00	Add to Cart	Contact Us
VIRTUAL DELIVERY (Eastern Time)	10/02/2023	4	$2495.00	Add to Cart	Contact Us
VIRTUAL DELIVERY (Eastern Time)	12/18/2023	4	$2495.00	Add to Cart	Contact Us

Course Details

Learning Objectives

Describe the terminology and definitions related to medical device cybersecurity
Identify the requirements for cybersecurity by design, including relevant standards, adversarial resilience analysis, remote access control, supply chain rigor, and requirements for premarket submissions in US and EU.
Describe a proactive, risk-based approach in third-party collaboration, integrating cybersecurity-specific postmarket requirements, and working with researchers and organizations to identify emerging vulnerabilities and threats.
Describe best practices for evidence capture during safety investigations that are independently reviewable, preserve information about the event (including chain of custody and tamper resistance) while avoiding privacy and surveillance concerns, and provide a mechanism for reapplication of knowledge.
Identify mechanisms for resilience and containment, including minimizing exposures, creating secure environments for isolation and segmentation, creating visible and safe modes of failure, while preserving data integrity.
Describe strategies for rapid, efficient cyber safety updates, such as automation and process documentation, secure update processes, stakeholder communication (including FDA), and OTS update verifications.

Major Topics

Regulations, standards and guidance documents related to medical device cybersecurity
Cybersecurity by Design, Third-Party Collaboration, Evidence Capture, Resilience and Containment, and Updates
Risk-based approaches to threat modeling, attacker evaluation, and documentation

Who Should Attend

Recommended for risk managers, quality assurance professionals, auditors, engineers/testers, product managers and regulatory professionals working in medical device and in-vitro diagnostic organizations.

Virtual Half-Days

4
In-Person Full-Days

2
CEUs

1.6

Virtual Session Details

Oriel STAT A MATRIX virtual instructor-led training (VILT) is a real-time internet-based learning experience where the instructor and learners are in separate locations. Oriel STAT A MATRIX’s VILT technology platform is designed to simulate a traditional in-person classroom experience and allows for 2-way dialogue, break-out sessions for engaged workshops and hands-on exercises, and group work using virtual breakout rooms. This provides for an engaging learning experience in which participants can connect with the content and interact with both the instructor and other classmates.