Medical Device Threat Modeling Compliance

Medical devices are increasingly complex and connected systems existing in complex connected ecosystems of healthcare delivery. Standard security controls can ensure some baseline security capabilities, but they fail to address the myriad of ways that medical devices are used, interface with the healthcare ecosystem, and most important, how security risks could result in unacceptable safety issues. Instead, for several years, the Food and Drug Administration (FDA) has recognized the value of threat modeling as an approach to strengthen the cybersecurity and safety of medical devices.

LP3 provides expertise in cybersecurity will provide services that will meet or exceed both FDA and European medical device threat modeling compliance.  To include:

• Medical Device Architecture Security Experts
• Threat Modeling and Security Risk Analysis
• Security Experts Participate in Design
• Forensics and Incident Response
• Cyber Security Penetration and Vulnerability Testing
• Post-Market Continuous Monitoring and Reporting
• Supply Chain Risk Management / Third Party Risk Management
• Medical Device, Enterprise and Document Security
• Cybersecurity Training & Virtual CISO Services
• Subject Matter Expert (SME) Certifications – CISSP-ISSAP, ISSMP, Security+ CE, CompTIA A CE, CEH

Understanding the FDA Premarket Cybersecurity requirements is a challenge. Most medical device manufacturers do not have device cybersecurity experts with experience with FDA submissions. LP3 augments your staff to ensure FDA and European Commission compliance; cybersecurity will not impede your devices approval.