If you are involved in any aspect of developing and maintaining medical devices and managing their security risks, this course is for you!
You do not need to have a background in security. All that we ask is that you come with a willingness to learn and ask as many questions as possible.
MedCrypt, a leading cybersecurity firm 100% focused on medical devices, and Toreon’s Data Protection Institute (DPI), a globally-recognized leader in cybersecurity and privacy training, have partnered to create a targeted threat modeling training specifically for Medical Device Makers.
Join us August 29th to September 1st for the training!
Classes will be held from 12 PM ET/9AM PT/18h CET to 4PM ET/1PM PT/22h CET every day, and participants will be able to start working on the 8 hours of preparatory self-paced materials on August 19th.
You only need three things:
1. stable internet access
2. your own laptop (preferred) or tablet
3. access to MS Teams with sharing turned on
And... (most importantly) bring an excitement to learn!
At a high level, this course will teach you to:
Each stage of the threat modeling process will use a fictional medical device. We’ll also link each aspect of the training back to regulatory requirements so you can see how this will directly impact your submission materials.
At the end of the course, you'll build your own threat model using our templates, receiving personalized feedback, and then you'll be ready to start threat modeling your own devices!
Threat modeling can seem like a daunting task that’s hard to apply for medical devices, and engineers may be unsure of its value. We understand this and have designed the course to address those concerns, centering the training around a fictional medical device and ensuring that each stage is explicitly linked to medical device examples.
We have designed this training to bring learners to comfort and ease with threat modeling, and lowering the barrier to entry. The training is a hybrid format that combines self-paced learning with an intensive four live labs. You’ll start your learning on our hybrid learning platform, which will walk you through a series of assignments to be completed before the live sessions. You’ll walk through the materials at your own pace, as well as interact with your peers on a forum that are part of the assignments. During this time our team will be available for any questions you might have.
We want to ensure that you get the most out of this training, and we’ll spend the live sessions applying the concepts from the preparatory material to a fictional medical device. We’ll periodically put you in breakout rooms so that you’ll brainstorm and apply what you are learning to something that you’ll have some familiarity with. You’ll not only see how to use threat modeling for medical devices, but also start to build templates and documents that you can leverage on your own work.
Exercises include (a more comprehensive list can be found in the training outline):
As we go through each stage of the threat modeling process, we’ll link it back to regulatory requirements so you can see how this will directly impact your submission materials. Our ambition is that you’ll see how much threat modeling can help you with regulations and ensure your devices leverage secure architecture.
Finally, you will create your own threat model. You’ll be able to do this using what you’ve learned, combined with templates that we’ll provide you. We’ll then review those threat models individually with you approximately one month after the live sessions and answer any questions you might have about regulatory requirements.