Research, not marketing

No single entity is going to “fix” medical device cybersecurity. We are dedicated advancing our collective understanding of the challenges and opportunities we face through research.

The documents below are free to download, and we’re not going to do that thing where we ask for your email address in order to download them. We love feedback - so tell us if you love it, hate it or want to enhance it together.

Latest research

A patient safety approach for assessing medical device vulnerabilities

A patient safety approach for assessing medical device vulnerabilities

With medical devices being increasingly network-connected, we leveraged our collective expertise in medical device security and clinical risk management, to provide a holistic analysis of vulnerabilities in the medical device space through the assessment of clinical case studies using quantitative analytics, and a discussion of incident prevention recommendations.

A medical device cybersecurity toolbox

A medical device cybersecurity toolbox

There is no silver bullet. Complying with FDA cybersecurity regulations requires a variety of processes and technologies. A hypothetical device vendor’s approach to securing their product is analyzed, and leading tools are identified.

A tool in medical device cybersecurity - MedCrypt

A tool in medical device cybersecurity - MedCrypt

In this paper we highlight the specific cybersecurity requirements that can be satisfied using various features of MedCrypt.

Understanding international medical device cybersecurity guidance

Understanding international medical device cybersecurity guidance

Medical device cybersecurity requirements from global regulators will continue to evolve as the industry and ecosystem matures. The industry must be cautious against over reliance on “security frameworks” and must rapidly iterate to keep up with emerging technology best practices.

Medical Device Threat Modeling

Medical Device Threat Modeling

International regulators as well as customers are expecting Medical Device Manufacturers to deliver proactively secured devices. A deep dive into the unique considerations when threat modeling for medical devices.

The missing link between cybersecurity vulnerabilities and patches

The missing link between cybersecurity vulnerabilities and patches

An analysis of ICS-CERT cybersecurity disclosures reveals no correlation between a vulnerability’s CVSS score and the likelihood a patch will be made available by the manufacturer.

More resources

Check out our blog

Our latest thoughts on medical device cybersecurity

FDA, RTA and eSTAR - oh my!

Watch our latest webinar that discusses regulatory updates and the impact for medical device development and post-market management.

Want to learn about our services and solutions?

Services

No matter where you are in the regulatory submission process, we have a variety of services that can meet your needs when and where you need us.

Guardian

The Guardian platform is a secure and scalable cryptographic solution that simplifies security processes and incident response.

Helm

Gain visibility across your software supply chain to detect, prioritize, and remediate cybersecurity risk.