Cybersecurity Unauthorized

12.0
RAC Credits
Tuesday, 05 October 2021 (9:00 AM) - Wednesday, 06 October 2021 (5:00 PM) Eastern Time (US & Canada)

Cybersecurity has proven to be a challenge not only with regard to ensuring the security of medical devices, but also preparing documents for regulatory submissions. Health authorities in many regions, including the US, Australia, Canada, and Japan, have released new cybersecurity guidance documents. In addition to premarket concerns, some of these guidance documents also include expectations for postmarket expectations. 

Medical device companies struggle to build security programs into quality systems that were likely not designed to address typical security issues such as hardening, vulnerability management, and global incident response. 

This workshop will help regulatory and quality professionals develop the knowledge they need to help steer their organizations in the right direction when it comes to global cybersecurity expectations. Technical staff will benefit from better understanding of how to translate regulatory expectations into concrete design and development activities. Organizational leaders will gain strategic knowledge that will increase the likelihood of successful submissions and help establish trust with customers who have concerns about risks related to medical devices on their networks.


Pricing Amounts & Deadlines 

22 December 2020 – 6 September 2021: Early Bird $800 Member | $900 Nonmember 

7 September 2021 – 4 October 2021: Regular $900 Member | $1000 Nonmember 


Objectives 

After this program, participants will be able to: 

• Better understand international regulatory expectations for medical device cybersecurity 

• Learn the main components of a product security program aligned with global expectations 

• Understand how to use pre-submissions to reduce the likelihood of cybersecurity-related deficiencies 

• Build more successful regulatory submissions Who Should Attend? 

This workshop will help regulatory and quality professionals develop the knowledge they need to help steer their organizations in the right direction when it comes to global cybersecurity expectations. Technical staff will benefit from better understanding of how to translate regulatory expectations into concrete design and development activities. Organizational leaders will gain strategic knowledge that will increase the likelihood of successful submissions and help establish trust with customers who have concerns about risks related to medical devices on their networks. 


Agenda 

I. The challenge of security: What makes this issue unique? 

II. Introduction to global regulatory expectations 

a. US, Canada, EU, Australia, China, Japan, France, Germany, IMDRF, etc. 

b. Breakout: plan your submission from a given country 

III. Security vs privacy: understanding the relationship and uniqueness 

IV. Pre-submission strategies for successful cyber submission 

V. Submission strategies: What to include and what to leave out 

VI. Lessons learned: What regulators would like you to know about your submission 

VII. Cybersecurity standards: not your typical approach 

VIII. Product security programs: the 7 pillars 

a. Governance 

b. Design and testing 

c. Risk management 

d. Labeling and communication 

e. Vulnerability management 

f. Incident response 

i. Breakout: tabletop exercise: “You’ve been hacked! Now what?” 

g. Supply chain 

IX. Musical chairs: Who’s typically responsible for different aspects of a security program? 


Speaker(s) 


Michelle Jump, Global Regulatory Advisor, Medical Device Cybersecurity, MedSec 
Michelle Jump is the Global Regulatory Advisor, Medical Device Cybersecurity at MedSec, where she is responsible for providing strategic leadership, training and advisory services to the medical device industry in the area of cybersecurity compliance, global regulations, standards, product security program development, and security risk management.  

Cancellation Policy 

RAPS reserves the right to cancel this program at its sole discretion. RAPS will not be responsible for travel or other costs incurred due to cancellation. 

All cancellation requests must be submitted in writing via our online cancellation form. RAPS is unable to accept cancellations by phone. Please specify the name of the person registered and event title. 

Substitutions may be accepted with written approval from RAPS and must be submitted to raps@raps.org. If you have questions or concerns, please contact RAPS customer service at +1 301 770 2920, ext. 200, or via email at raps@raps.org.