RAPS Workshop: Cybersecurity Unauthorized

Securing medical devices and documents for regulatory submissions from cyberattacks is challenging. Many medical device companies struggle to retrofit their security programs to address hardening, vulnerability management, and global incident response. New statutory requirements in the United States are increasing the focus on planned postmarket activities in the submission process. Cybersecurity has become mission-critical for medical device manufacturers.

Health authorities spanning the US, European Union, Australia, Canada, and Japan have issued cybersecurity guidance that is essential for regulatory affairs professionals to understand. In addition to premarket concerns, some of the guidance also includes expectations for post-market expectations.

This interactive virtual workshop will help regulatory and quality professionals develop the knowledge they need to help steer their organizations in the right direction when it comes to global cybersecurity expectations

Technical staff will get a better understanding of how to translate regulatory expectations into concrete design and development. Organizational leaders will gain strategic knowledge that will increase the likelihood of gaining green lights from regulators while also teaching them how to establish trust with customers concerned about risk related to medical devices on their networks.

Learning Objectives

Thoroughly understand international regulatory expectations for medical device cybersecurity
Know the main components of a product security program aligned with global expectations
Understand how to use pre-submissions to reduce the likelihood of cybersecurity-related deficiencies
Be able to build more successful cybersecurity content for regulatory submissions
Learn key medical device security standards

Who Should Attend?

Early and mid-stage career regulatory and quality professionals through the director level
Engineer-level to director-level R&D professionals

Audience Learning Level

Basic: Content is introductory in nature and requires no requisite knowledge or experience to grasp concepts and related exercises. Basic educational activities are meant to establish a foundation of knowledge and/or competence that will be expanded upon in practice or in higher level activities.

Agenda

Topic 1

An Introduction to Medical Device Cybersecurity Concepts and Challenges

Speaker: Michelle Jump

Topic 2

Medical Device Product Security Programs: Putting together the puzzle

Speaker: Michelle Jump

Topic 3a

FDA Select Update, 524B, and Omnibus

Speaker: Matthew Hazelett

Topic 3b

eSTAR: Review of the Document Expectations

Speaker: Michelle Jump

Topic 4

Secure Design: You Can’t Mitigate Your Way to Security

Speaker: Matthew Hazelett

Topic 4b

SBOM

Speaker: Michelle Jump

Topic 5

Security Risk Management and Threat Modeling

Speaker: Michelle Jump

Topic 6

Submission Strategies for Cybersecurity

Speaker: Matthew Hazelett

Topic 6a

IEC 81001-5-1: Foundational Standard for Cybersecurity

Speaker: Michelle Jump

Topic 7

Labeling and Communication

Speaker: Michelle Jump

Topic 10

Overview of global regulatory expectations

Speaker: Michelle Jump

Cancellations and Refunds

RAPS reserves the right to cancel this program at its sole discretion. RAPS will not be responsible for travel or other costs incurred due to cancellation. All cancellation requests must be submitted in writing to [email protected]. Cancellations will receive a full refund minus a 20% administrative fee. RAPS is unable to accept cancellations by phone.

Substitutions

Paid registration substitutions may be accepted with written approval from RAPS for requests received before the start of the event. To transfer a registration, email [email protected] with the event title, name of the original registrant and the contact information for the new attendee.