With the conference circuit returning to in-person format around the world, the MedCrypt team participated in some of the most renowned events to discuss proactive cybersecurity, medical devices, and the healthcare ecosystem. Discover the key takeaways from conference sessions, panels, presentations, and workshops from the MedCrypt team:
Medical Device Cybersecurity 101:
On April 11, the University of Minnesota Center for Medical Device Cybersecurity hosted the Medical Device Security 101 event in collaboration with Archimedes Center for Healthcare and Device Security. Sponsored by MedCrypt, this day-long event featured speakers across medical device and healthcare sectors who shared different perspectives on medical devices and healthcare security.
MedCrypt Vice President of Consulting, Shannon Lantzy, attended as a presenter. Here is what Lantzy learned:
SBOMs, Threat Modeling, Programs Security Programs, and lessons from the field. It was great content, appropriately themed along the lines of FDA’s new draft guidance. There were new folks to medical device cyber as well as the recognizable faces who have been leading the charge in this industry for years. Co-Chairs Dan Lyon and Ken Hoyme led the way.
MedCrypt presented lessons from the field. Getting started with threat modeling is easy and high-impact. Getting started with vulnerability management is hard, and messages that executives need to hear and understand to embrace product security.
Seth Carmody, MedCrypt VP Regulatory Strategy, adds:
There’s a tight-knit group who knows the problem and the developing solutions, and new entrants to this space will bring fresh perspectives and are getting on board. Love the MDC101 forum as a specific opportunity for exchange between the old and the new.
Q1 Production Medical Device Cybersecurity:
On April 12–13 Q1 Productions hosted virtually the 6th Annual Medical Device Cybersecurity Conference. This event brought together cybersecurity experts from medical device manufacturers and health delivery organizations to share best practices on how to ensure patient safety can be protected.
MedCrypt CEO, Mike Kijewski, moderated a panel on navigating the complexities surrounding SBOMs. Here is what Mike Kijewski learned from attended and presenting at the 6th Annual Medical Device Cybersecurity Conference:
The panel brought to light the practical challenges and roadblocks facing implementation of ‘best practices.’ From talking to various device makers, it’s clear each device manufacturer faces a maturity curve they must navigate in vulnerability management.
CyberMed Summit:
This year, the CyberMed Summit took place at The George Washington University on April 14th. The Summit focuses on patient protection through safe and secure medical devices and healthcare infrastructure. The event brought together policy experts, leaders in government, and healthcare cybersecurity advocates and featured a live patient care cyber attack simulation.
Here is what MedCrypt Vice President of Regulatory Strategy, Seth Carmody, had to say about his experience witnessing the cyber attack simulation:
It’s always amazing to watch doctors do their thing even in the face of uncertainty and to see how much they care. I’d love to work towards a future where doctors don’t have to contend with the technology they rely on being unavailable or lacking integrity.
2nd Annual European Medical Device and Diagnostic Software Development and Compliance and Cybersecurity Conference:
TT Group’s 2nd Annual Conference dedicated to Medical Device Software Development, Compliance and Cybersecurity professionals brought participants together for presentations, case studies, panel discussions, networking, knowledge sharing, and learning opportunities. The conference’s cybersecurity stream covered emerging cybersecurity issues affecting the medical device industry. The industry’s greatest minds explored best practices to mitigate risk throughout the software development lifecycle and improve device security.
MedCrypt’s Chief Security Strategist, Axel Wirth, shares his experience as a presenter:
It is always a delight and great learning experience to spend time with the technical experts that are solving medical device security problems on a daily basis. The presentations and roundtables covered the topics that are on everybody’s mind, ranging from Threat Modeling and Software Bill of Materials to pre- and post-market vulnerability management.
H-ISAC Spring Summit:
MedCrypt was a proud sponsor of the H-ISAC Spring Summit on May 2–6. Mike Kijewski and Ashley Mancuso, Senior Director Product Security at Johnson & Johnson, led a presentation on what the industry has learned from SBOMs over the past three years.
As an attendee, Shannon Lantzy shares her thoughts on H-ISAC’s summit:
Highlights from H-ISAC include a talk from Suzanne Schwartz, FDA, debriefing the FDA guidance. It was also great to see presentations on FDA funding and SBOMs on the agenda. There were a lot of great talks from manufacturers on novel ways to solve problems and innovate in this exploding space!
MedCrypt is looking forward to attending and presenting at more events this year that are bringing together the medical device, cybersecurity, and healthcare communities.
