CERSI-FDA Cybersecurity Seminar Series: Jan Küfner (9-10 am Pacific / 12-1 pm Eastern)

Jan Küfner
Team Leader, Penetration Testing, TÜV SÜD

Penetration Testing of Medical Devices

In this presentation, Jan Küfner, Team Leader of Penetration Testing at TÜV SÜD, will discuss penetration testing of medical devices.

As the healthcare sector becomes increasingly reliant on connected medical devices, ensuring their cybersecurity is essential for patient safety. This presentation will delve into the critical need for medical device penetration testing (pen-testing) in identifying vulnerabilities and protecting both devices and patient data from cyber threats.

We will begin by explaining the role of notified bodies in the medical device industry, particularly their involvement in assessing compliance with regulatory requirements. The growing importance of effective pen testing will be discussed in light of rising cyber threats and the increasing connectivity of medical devices. The current state of medical device cybersecurity will be examined, with a forward-looking glance at upcoming challenges and innovations.

Key topics include the regulatory requirements for pen-testing, the gap between those requirements and the realities of current practices, and how standards like CVSS scores, attack surface assessments, and economically feasible testing approaches come into play. We will also explore the role of threat modeling, and how cyber audits conducted by authorities are shaping the landscape of medical device security.

Attendees will gain a comprehensive understanding of the challenges and solutions surrounding medical device pen-testing, equipping them with the knowledge needed to navigate this rapidly evolving field.

=======================================================================

More information about this series is available at: https://pharm.ucsf.edu/cersi/cybersecurity