17 - 20 February, 2020 | Mercure Hotel MOA Berlin, Berlin, Germany

Cybersecurity Focus Day

9:15 am - 9:55 am Early Insight into the European Cyber Security Guideline for Medical Devices

·         Uncover how the new guideline compares and contrasts to the EU Medical Device Regulation
·         Explore how the European Cyber Security Guideline integrates with risk management for safety
·         Ask the question: ‘Will hacking attacks for medical devices be considered ‘foreseeable’ now?
Georg Heidenreich, Director of Healthcare IT Standards at Siemens

Georg Heidenreich

Director of Healthcare IT Standards
Siemens

9:55 am - 10:35 am Fire-side Q&A: Operationally Implementing the European Cyber Security Guideline for Medical Devices in Your Company

·         Troubleshoot your foreseen challenges with this new regulatory guidance
·         Follow on Q&A session to presentation above

11:05 am - 11:35 am Developing a Cybersecurity Model for Medical Devices in Line with International Regulatory Requirements


• Learn how medical device manufacturers navigate evolving international regulatory requirements, no matter
 where they are located or which markets they serve
• Familiarize yourself with an approach that matches the need for safe and secure devices with engineering
 requirements and security-capable device architectures
• Understand how device manufacturers can be ready to meet market demands and face the cyber threats of
 the future
Axel Wirth, Chief Security Strategist at MedCrypt

Axel Wirth

Chief Security Strategist
MedCrypt

11:35 am - 12:15 pm A Patient (and Hacker) Perspective on Medical Device Security

•Hear my journey in hacking my own medical device
•Highlight how connected medical devices impact patient safety 
•Deep dive into strategies medical device designers can use to ensure patient safety

Jay Radcliffe, Director of Product Security Testing and Research at Thermo Fisher Scientific

Jay Radcliffe

Director of Product Security Testing and Research
Thermo Fisher Scientific

12:15 pm - 12:55 pm Securing a Cloud-Connected Medical Device for Smartphones

·         Review the regulatory requirements, standards, guidance and best practices for the cybersecurity of connected devices
·         Understand the cybersecurity threat/security model and risk mitigations to ensure integrity, privacy, confidentiality and availability of the data in medical device, app and cloud
·         Apply the risk management strategies (IEC 80001-1, 80001-2-2, 80001-2-8) and analyse the risks according to the classification of the Mobile App and sensitivity of the data (GDPR/HIPAA compliance)
Danish Mairaj, Senior Engineer – Software and Electronics at Vectura

Danish Mairaj

Senior Engineer – Software and Electronics
Vectura

1:55 pm - 2:35 pm Interactive Discussion Groups

Collaborate with your peers and discuss the key cybersecurity challenges for medical devices. Pick a topic and join an interactive discussion group of your choice to get stuck into the debate! 
  • Preparing for Future Security Challenges
  • Navigating the New FDA Regulatory Updates  
  • GDPR and Patient Privacy in the Context of Commercial Apps for Clinical Trials 
  • Factoring the MDR into Security Considerations
  • Software ISO 14791 Risk Management

3:05 pm - 3:35 pm IT Security Applied to Medical Devices...What Is So Special About It?

·         Discuss the medical device cybersecurity evolution
·         Ask the question: What is special about medical device cybersecurity?
·         Consider the customer view on medical device cybersecurity
Rüdiger Rissmann, Technical Lead Cyber Security Improvement Program at Roche Diagnostics

Rüdiger Rissmann

Technical Lead Cyber Security Improvement Program
Roche Diagnostics

·         Explore the authentication of MedTech users: Challenges of usability of user authentication and its effectiveness
·         Perfect your patching of unconnected (over internet) medical devices: culture, cost, and (de)motivation of patching a medical device.
·         Discuss the lack of common cyber security certification standards such as PCI DSS in MedTech
Waqar Ahmed, Senior Software Engineer for Product Security at BD (pending final confirmation)

Waqar Ahmed

Senior Software Engineer for Product Security
BD (pending final confirmation)