Conference Day Two

8:20 am Coffee & Networking

8:55 am Chair’s Opening Remarks

Navigating Barriers Around Interoperability to Consolidate Cybersecurity Across Medical Device Environments

9:00 am Navigating the Complexities Around Software as Medical Devices to Ensure Adequate Security Controls are Put in Place

  • Leo Park Sr. Director of Cyber, Click Therapeutics

Synopsis

  • Strategies to develop and safeguard software as a medical device while maintaining cybersecurity standards
  • Best practices for deploying comprehensive security controls to safeguard data integrity and protect against cyber threats
  • Guidance on implementing effective risk management frameworks to mitigate security risks associated with integrated medical devices

9:30 am Generating Feedback Loop Systems in Cybersecurity Frameworks from Early Architecture Designs to Post-Market Monitoring to Accurately Assess Entire Life Cycle

Synopsis

  • Embedding cybersecurity considerations into the initial architecture designs of systems and devices to establish a strong foundation for security.
  • Establishing feedback loops between cybersecurity frameworks and operational practices to enhance security measures.
  • Case-study based insights showcasing the processes behind this style of monitoring

10:00 am Organizing Internal Frameworks within Companies to Manage Regulatory Guidelines Brought by External Bodies

  • Damien Sharp Global Quality Director - Medical Device Software Quality Systems, AstraZeneca

Synopsis

  • Strategies to implement cybersecurity guidelines into risk management lifecycles
  • Best practices for internal quality process/system o effectively implement cybersecurity across medical devices
  • Case study based insights into robust cross-functional collaboration to ensure cybersecurity is compliant

10:30 am Navigating Challenges Under Combinations of Regulated Systems & Unregulated Systems Ensuring Security of Medical Devices in Different Systems

  • Jim Barry Sr. Manager Information Technology, restor3d

Synopsis

  • Strategies for aligning security protocols across regulated and unregulated systems to ensure protection of medical devices
  • Implementing risk assessment frameworks to mitigate security risks associated with interoperability between regulated and unregulated systems
  • Ensuring cybersecurity best practices across diverse systems hosting medical devices

11:00 am Morning Break & Networking

11:30 am Improving Collaboration Between Software Developers & Cybersecurity Experts to Ensure Device Security From the Very Beginning

Synopsis

  • Ensuring robust cybersecurity from the planning stages of the software verification and design development plans
  • Embedding systems engineering perspectives in cybersecurity frameworks
  • Implementing robust security measures throughout the device development lifecycle

12:00 pm Consolidating the Understanding Between the Differences in Safety Risk Analysis and Cyber Security Risk Analysis to Ensure Device Security & Patient Safety

Synopsis

  • Differentiating between risks around physical and operational safety of medical devices, and risks around threats to data integrity and device functionality from cyber threats
  • Developing an integrated risk management framework that harmonizes safety and cybersecurity risk assessments
  • Implementing distinct methodologies for safety risk analysis versus cybersecurity risk analysis

12:30 pm Lunch Break & Networking

Consolidating Safety Risk Analysis & the Cybersecurity Risk Analysis to Establish Informed Guidance to Prevent Device Compromise

1:30 pm Establishing a Robust CIA (Confidentiality, Integrity, Availability) Triad to Serve as The Principal Foundation of Risk Analysis

Synopsis

  • Strategies to balance the trade-off between product safety, security, and desirability
  • Implementing robust encryption and access control measures to protect sensitive information from unauthorized access
  • Securing update protocols to maintain the accuracy and consistency of data and establishing disaster recovery plans to ensure that medical devices remain operational in the face of cyber threats

2:00 pm Panel: Embedding the Cybersecurity Value System Upstream to Ensure Security Processes Are Implemented in the Early Architecture to Minimize Downstream Security Compliance Issues.

Synopsis

  • Increasing the understanding behind cybersecurity literacy which does not require cybersecurity expertise
  • Through this managerial committee ensuring smoother collaboration across wider members of the team
  • Solutions to overcome challenges in implementing this internal shift in medical device companies

14:45 pm Afternoon Break & Networking

3:15 pm Navigating the Complexities of Vulnerability Management in Medical Device Cybersecurity to Manage Threats

Synopsis

  • Addressing Legacy Systems and Ensuring Interoperability to Secure Diverse and Outdated Medical Devices
  • Regulatory Compliance and Supply Chain Security: Overcoming Challenges in Meeting Standards and Protecting Components
  • Real-Time Monitoring and Efficient Incident Response: Balancing Performance, Patient Safety, and Rapid Remediation

3:45 pm Roundtable: Strategizing a Plan of Action After Your Cybersecurity System Has Been Infiltrated

Synopsis

  • Designing a robust plan of action to undertake as soon as an infiltration has taken place
  • How will the users of the devices be kept informed, despite you as the manufacturer having limited insight into what has occurred
  • Case-study based insights into potential action plans

4:30 pm Chair’s Closing Remarks