How vulnerable are your medical devices?
The webinar focused on cybersecurity regulations in the US, EU, and Latin American countries, with presentations from Eric Henry, Mark Omo, Richard Koch, and Lina Ramirez.
Key points included discussions on US regulatory framework, key cybersecurity literature, cybersecurity challenges and solutions, EU cybersecurity regulations, and the Latin American cybersecurity landscape. Action items included providing detailed mappings of cybersecurity activities, addressing the importance of the Software Bill of Materials, addressing questions during the webinar, launching a poll question on challenges with cyber regulations, and providing a summary of Latin American regulatory landscape for cybersecurity in medical devices.
Chapters
● 📢 Introduction
● Welcome and introduction of speakers: Eric Henry, Richard Koch, Lina Ramirez, and Mark Omo.
🛡️ Eric Henry's Presentation on US Cybersecurity Regulations (05:05)
● Overview of the US regulatory framework and landscape in the cybersecurity space.
● Cybersecurity activities as part of design controls and risk management.
● Key standards: IEC 62304, IEC 82304-1, AME TIR 45.
● FDA's consensus standards program and relevant documents.
● Common issues identified by regulators during audits and inspections.
● Importance of incorporating cybersecurity documentation into the design history file.
📜 Key Cybersecurity Literature in the US (17:06)
● FDA documents: cybersecurity for network medical devices, post-market guidance, communicating vulnerabilities, refuse to accept policy, pre-market guidance.
● Non-government guidances and standards: AME, IMDRF, IEC, UL, Mitre.
● Common themes across cybersecurity documentation: risk management, software bills of material, cybersecurity requirements, verification, post-market monitoring, coordinated vulnerability disclosure, information sharing, incident response, and addressing vulnerabilities.
🔍 Mark's Presentation on Cybersecurity Challenges and Solutions (29:16)
● Real-world examples of cybersecurity issues in medical devices.
● Importance of threat modeling and secure product development framework.
● Criticality of the Software Bill of Materials (SBOM).
● Post-market surveillance and monitoring.
● Analogy of home security to explain cybersecurity concepts.
● Importance of testing and validation of security controls.
🌍 Richard's Presentation on EU Cybersecurity Regulations (52:43)
● Overview of EU's approach to cybersecurity in medical devices.
● Importance of state-of-the-art requirements and risk management.
● Integration of cybersecurity into design and development operations.
● Challenges faced by notified bodies in resourcing cybersecurity expertise.
● Discussion on the potential impact of the AI Act on cybersecurity audits.
🌐 Lina's Presentation on Latin American Cybersecurity Landscape (01:29:32)
● Overview of cybersecurity regulations in Brazil, Mexico, Argentina, Chile, Colombia, and Peru.
● Common ground among Latin American countries: alignment with IMDRF, data protection laws, and national cybersecurity policies.
● Steps for Latin American companies to enter global markets: implementing cybersecurity policies, secure product development framework, ISO 14971, following IMDRF guidance, and understanding FDA and EU guidance.
This webinar was presented by MedTech Leading Voice on June 25, 2024.
Информация по комментариям в разработке