Membership
Our Work
Resources
- Resource LibraryWhitepapers, research, toolkits, and more
- Video LibraryLearn about upcoming webinars or watch them on-demand
News & Events
- News & EventsMDIC helps you stay abreast of the latest advances and happenings within the MedTech sector through news releases and educational events. Check out the MDIC activities and events as well as a compilation of must-attend meetings and conferences from across the industry.
- containt-menu
  - EventsMDIC hosts in-person and virtual forums and events for the benefit of the medical technology community….
  - NewsGet the scoop on what’s new at the consortium and across the medical device industry.
  - MDIC Innovators Forum
About
- About MDICFounded in 2012, the Medical Device Innovation Consortium (MDIC) is the first Public-Private partnership created with the sole objective of advancing medical device regulatory science throughout the total product life cycle.
- containt-menu
  - Mission & PurposeFrom research to innovation, explore our story.
  - LeadershipMeet the MDIC Board of Directors.
  - StaffGet to know our team.
  - CareersEmployment opportunities with MDIC.
Contact

Medical Device Penetration Testing

Overview

Penetration testing, or ethical hacking, involves simulating cyber-attacks to identify and address vulnerabilities in systems before malicious actors can exploit them. This practice is crucial for safeguarding sensitive information, ensuring regulatory compliance, and improving overall security posture. For medical devices, penetration testing is especially important to protect patient data, maintain device integrity, and prevent disruptions in healthcare services, thereby enhancing patient safety and system reliability.

Proposed Deliverables

MDIC is developing a best practices framework on key elements of the application of penetration testing to medical devices.  The framework will cover topics such as:

Relationship of penetration testing to software and device validation activities.
What are best practices for PenTesting, including when and how often it should be performed?
How can penetration testers be driven by threat scenarios?
How should the results from a penetration test be treated for device correction and improvement?

PenTesting Members

Chris Reed (Lead)

Medtronic

Dirk de Wit

Philips

Jason Herbst

Medtronic

Peter Kapelanski

Medtronic

Inhel Rekik

Bracco

Curtis Blythe

Abbott

Matt Hazelett

MedSec

David Hingos

Johnson and Johnson

Tyrone Heggins

Sanket Kamath

Boston Scientific

Michelle Jump

MedSec

Jessica Wilkerson

FDA

Cybersecurity Resources

MDIC Medical Device Cybersecurity Maturity: Industry Benchmarking Report 2023

Learn More

Coordinated Vulnerability Disclosure (CVD) for Medical Device Cybersecurity Report

Learn More

Playbook for Threat Modeling Medical Devices

Learn More

Join Us!

To learn more, please contact MDIC project manager Noor Falah or program director Jithesh Veetil, cybersecurity@mdic.org

Medical Device Penetration Testing

Overview

Proposed Deliverables

PenTesting Members

Chris Reed (Lead)

Dirk de Wit

Jason Herbst

Peter Kapelanski

Inhel Rekik

Curtis Blythe

Matt Hazelett

David Hingos

Tyrone Heggins

Sanket Kamath

Michelle Jump

Jessica Wilkerson

Cybersecurity Resources

MDIC Medical Device Cybersecurity Maturity: Industry Benchmarking Report 2023

Coordinated Vulnerability Disclosure (CVD) for Medical Device Cybersecurity Report

Playbook for Threat Modeling Medical Devices

Join Us!

Peter Kapelanski

Inhel Rekik