Overview:
This webinar will explain the process of analyzing and minimizing cyber risks for premarket submissions.
It will explain how cyber risks are identified and mitigated. Concepts from the 2025 Guidance will be explained. The cybersecurity program must be carefully planned and documented. Required documentation will be described including the Software Bill of Materials. A formal security risk analysis must be conducted for each risk, as well as a safety risk. Description of cyber risks as part of Transparency must be transmitted to device users.
Why you should Attend:
Medical device cybersecurity has become extremely important to the FDA. In 2023 federal legislation gave the FDA legal authority to enforce cybersecurity. The 2025 Guidance greatly expanded the FDA expectations for cybersecurity and gives concrete examples. FDA expects a proactive extensive risk based program to minimize risk to the user from cyber attacks. The Guidance distinguishes Security risk from safety risk and expects separate programs. The manufacturer no longer can pass cybersecurity responsibility to the network. It is now a joint responsibility.
Areas Covered in the Session:
- Guidance
- Regulation and legislation
- Cybersecurity plan
- Risk based analysis
- Vulnerabilities
- Threats, and Threat Modeling
- Software Bill Of Materials
- Risk communication to users
- Updating process
- Transparency requirements
- Documentation requirements
Who Will Benefit:
- Company Management
- IT Personnel
- Development Engineers
- Production Management
- QA/ QC Personnel
- Software Developers