MEDIcept Insights

Cybersecurity Risk Control

Cybersecurity Risk Control

With a freshly completed threat model in hand, you turn to your next task: create the corresponding cybersecurity risk assessment.  You identified some threat mitigations while constructing your threat model, perhaps making some design decisions intended to limit your...

read more
Threat Modeling for Medical Devices

Threat Modeling for Medical Devices

You’ve just realized that your medical device has a connection to the outside world and meets the definition of a cyber device per FDA guidance “Select Updates for the Premarket Cybersecurity Guidance: Section 524B of the FD&C Act.”  As the initial shock wears...

read more
Engaging a Penetration Testing Team

Engaging a Penetration Testing Team

Introduction  Secure design best practices (and various standards and guidance) recommend penetration testing (pentesting) be included in the secure development life cycle and conducted by a team independent of the product developers and testers.  Testing should begin...

read more