A key piece of managing medical device and diagnostic cybersecurity risks is the integration of threat modeling which provides a blueprint to strengthen security through the total product lifecycle of the devices, thereby ensuring improved safety and effectiveness of medical products. In September 2019, FDA awarded funding to MDIC to increase awareness on systematic approaches to threat modeling that can enable manufacturers to effectively address system level risks. As a part of this initiative, MDIC will be offering two bootcamps on threat modeling in 2020. In parallel to the bootcamps, MDIC is also developing a Medical Device Threat Modeling Playbook to be released in 2021. MDIC is working very closely with FDA, MITRE, Shostack & Associates as well as cybersecurity subject matter experts from various sectors for the implementation of bootcamps and playbook.
Objectives & discussion topics for the MDIC threat modeling bootcamps:
- Intensive, hands-on sessions on threat modelling.
- Learn about structured, systematic and comprehensive approach to threat modelling for engineering more secure systems from SMEs from public and private sector.
- Learn the latest updates on medical device cybersecurity and related areas from representatives of FDA and industry.
- Networking opportunity with SMEs from MedTech and non-MedTech sectors to learn on cybersecurity best practices that can be incorporated into the medical device industry
- Contribute to the discussions on the development of Medical Device Threat Modelling Playbook
Who should attend:
- Technical professionals in the medical device sector working in product development including software development, systems architecture or integration, project management, or documentation management.
- Regulatory professionals in the medical device public and private sectors.
This opportunity will be most beneficial if technical professionals participate along with their counterparts on the regulatory side. Although the bootcamp is free of charge to participate, seats are limited. In case of an overwhelming response, MDIC will restrict registration to a maximum of two representatives from each interested company. Selected participants will receive an email confirmation at least 3 weeks ahead of the bootcamp. (MDIC intends to hold two bootcamps: one virtually from August 17-21 with sessions daily from 1-4pm EST, and another either virtually or in-person at a later date which will be determined when we have a better sense of the evolving situation around the Coronavirus pandemic.)