Loading ...

Public Training Course Dates & Information:

Course Catalog PDF Download Catalog »
Private TrainingPrivate Training

A customizable, cost-effective solution to train your team. Contact us to learn more »

Private TrainingGroup Discount Save up to 25%

Enroll three students in the same course (held on the same date and at the same location) at the regular price and receive a fourth enrollment for free. *This offer cannot be combined with any other promotional offer(s).


Medical Device Cybersecurity Risk Management Standards & Regulations Training Course

If your company makes connected devices, you know cybersecurity is paramount. This class digs deep into standards, regulations, and guidance for device cybersecurity, including threats, vulnerability, incident response and more.

This class is available in a virtual instructor-led format!

Medical Device cybersecurity is called out specifically in ISO 14971:2019 and ISO/TR 24971:2020. This training will introduce you to the process of ensuring that cybersecurity risks in connected devices are identified and managed throughout the software lifecycle. You will cover regulations, standards and guidance documents related to medical device cybersecurity including IMDRF cybersecurity guidance, MDCG cybersecurity guidance, FDA premarket and postmarket guidance for cybersecurity, ISO 80001-2 and ISO 14971. Interactive class activities include building a sample threat model during the workshops in the course, by incorporating the principles of cybersafety by design, information sharing, evidence capture, and incident response. 

Upcoming Dates and Locations

Virtual seminars run as 1/2-day sessions. In-person classes run as full-day sessions. See the virtual session daily class times.

Location Start Date Days Cost Public Course Private
VIRTUAL DELIVERY (Eastern Time) 11/30/2021 4 $2695.00 Add to Cart CONTACT US
VIRTUAL DELIVERY (Eastern Time) 01/31/2022 4 $2695.00 Add to Cart CONTACT US
VIRTUAL DELIVERY (Eastern Time) 03/22/2022 4 $2695.00 Add to Cart CONTACT US

Learning Objectives

  • Describe the terminology and definitions related to medical device cybersecurity
  • Identify the requirements for cybersecurity by design, including relevant standards, adversarial resilience analysis, remote access control, supply chain rigor, and requirements for premarket submissions in US and EU.
  • Describe a proactive, risk-based approach in third-party collaboration, integrating cybersecurity-specific postmarket requirements, and working with researchers and organizations to identify emerging vulnerabilities and threats.
  • Describe best practices for evidence capture during safety investigations that are independently reviewable, preserve information about the event (including chain of custody and tamper resistance) while avoiding privacy and surveillance concerns, and provide a mechanism for reapplication of knowledge.
  • Identify mechanisms for resilience and containment, including minimizing exposures, creating secure environments for isolation and segmentation, creating visible and safe modes of failure, while preserving data integrity.
  • Describe strategies for rapid, efficient cyber safety updates, such as automation and process documentation, secure update processes, stakeholder communication (including FDA), and OTS update verifications.

Major Topics

  • Regulations, standards and guidance documents related to medical device cybersecurity
  • Cybersecurity by Design, Third-Party Collaboration, Evidence Capture, Resilience and Containment, and Updates
  • Risk-based approaches to threat modeling, attacker evaluation, and documentation

Who Should Attend

Recommended for risk managers, quality assurance professionals, auditors, engineers/testers, product managers and regulatory professionals working in medical device and in-vitro diagnostic organizations. 

Virtual Half-Days: 4
In-Person Full-Days: 2
CEUs: 1.6

Virtual Session Details

Oriel STAT A MATRIX virtual instructor-led training (VILT) is a real-time internet-based learning experience where the instructor and learners are in separate locations. Oriel STAT A MATRIX’s VILT technology platform is designed to simulate a traditional in-person classroom experience and allows for 2-way dialogue, break-out sessions for engaged workshops and hands-on exercises, and group work using virtual breakout rooms. This provides for an engaging learning experience in which participants can connect with the content and interact with both the instructor and other classmates.

Online Training Schedule

  • This class is delivered across 4 consecutive days.
  • Classes run daily 1:00-5:00 p.m. Eastern Time.

Technical /Logistical Requirements

To participate in this learning, first and foremost, we need your engagement!  You will also need:

See our current schedule here.



Public virtual seminars run daily from 1:00-5:00 p.m. ET. Seminars run on Eastern Time unless otherwise noted in the Location field.

Auditor classes that require a final exam start at 11:30 a.m. on the last day to administer the final exam.

For more information download the virtual course agenda (close this window and navigate to the top of the course page) or Contact Us.

Get answers right now. Call 1.800.472.6477