FDA recommends Threat Modeling as Cybersecurity Risk Assessment methodology

The FDA introduces new regulation that requires ‘security by design’ for Medical Device manufacturers. In this regulation, the FDA will establish rules on how to handle cybersecurity threats, specifically requiring ‘Threat Modeling’ to map and mitigate those threats.

Creating a secure device is partly about simply adopting more secure technology. But it is just as much about introducing strong principles of security best practices to the product development lifecycle, to create ‘security by design’. It’s all about the process. Secure design needs a mature Cybersecurity Risk Assessment methodology. Threat Modeling is such a methodology, and a powerful, simple and practical one.

If you are a leader in Medical Device Manufacturing (MDM) or in a Health Delivery Organization (HDO) and you want to know how to use Threat Modeling to introduce security in your development, then we’ve got good news for you.

We’ve created a whitepaper, in collaboration with experts from the medical device community, to highlight how Threat Modeling can be applied in your field. This whitepaper will help you to:

• Recognize where Threat Modeling fits into risk management processes for developing medical device systems.
• Improve understanding of Threat Modeling: when to do it, how it works, and the insights it brings.
• Build a game plan to get your organization started with Threat Modeling.
• Get access to resources for more in-depth training.

We developed a 2-day in-house course with practical use cases, based on real world projects and our experience with Medical Device Manufacturers.

Toreon is a leader in the field of Threat Modeling methodology, providing training and expertise worldwide.
Get in touch with us for expert help in running Threat Modeling activities, or to get yourself or others trained.