The ongoing (silent) storm in the medical devices industry and since when cybersecurity is a thing

Haitham Abbadi

Playlists: '38c3' videos starting here / audio

Medical technology is a heavily regulated industry, and while there are big-name companies with deep pockets, small to medium manufacturers are struggling to keep up with the sheer number of cybersecurity requirements. On top of all this, the requirements are many, qualified people are rare, and essential dependencies have proven not to be always stable.

- Intro, giving a tangible sense of how heavily regulated the medical device industry is
- Dates and ongoing movements in the industry (eStar evolution, regulatory bodies, manufacturers, notified bodies, security companies, pentest providers)
- How the new aspects are affecting new products and product updates: SBOM, threat modeling, security risk management
- The long list of challenges, pitfalls and other fun aspects (legacy, embedded, certifications, SBOMs, CPEs, NVD chaos, risk management, etc.)

Licensed to the public under http://creativecommons.org/licenses/by/4.0
