Cybersecurity Medical Devices

Medical device cybersecurity consultancy & training

Drawing from extensive experience in risk management within medical device, hardware, and software development, Lorit Consultancy Team is your trusted partner for navigating the complexities of medical device cybersecurity. From AAMI TIR 57 to NIST SP 800-30 and IEC 81001-5-1, we guide you through the latest standards, providing insights into methodologies for asset and vulnerability analysis.

Whether consultancy, support, or training – we excel in guiding you towards safe and secure product design, aligning with FDA cybersecurity guidance and relevant EU regulations.

Cybersecurity Processes

In the dynamic field of the medical device industry, our firm leverages years of project experience to guide you through numerous standards and guidelines used to assess, mitigate and verify satisfactory cybersecurity implementation.

We can support you in implementing strategies like the Secure Product Development Lifecycle (SPDL) defined in the IEC 62443 series, ensuring your cybersecurity measures are aligned with industry best practices. Our expertise covers the cybersecurity risk management processes outlined in NIST SP 800-30 and AAMI TIR 57, drawing their connection to ISO 14971. We conduct vulnerability analyses using frameworks such as the Common Vulnerability Scoring System (CVSS) and Microsoft STRIDE.

Post-Market Cybersecurity

Post-market activities are integral to the development of medical devices, and our firm is adept at guiding you through the formulation and execution of your post-market cybersecurity strategy. We provide consultation on aligning cybersecurity assessments with ISO 14971 risk management activities. Recognizing the evolving nature of the cybersecurity landscape, we help establish strategies for ongoing assessment, ensuring an acceptable residual risk is maintained.

Our services

Consultancy & Support:

Security analysis, evaluation and control
Definition of security solutions
Post-market monitoring

Our services extend to defining product hardening techniques to reduce vulnerabilities and establishing robust verification strategies such as fuzz and penetration testing.

We support you with tool choices e.g. the choice of Software Composition Analysis tools and provide expertise in managing your Software of Unknown Provenance (SOUP), along with guidance on generating and overseeing Software Bill of Material (SBOM). With extensive experience, we specialize in post-market cybersecurity strategies, referencing standards like AAMI TIR 97.

Training:

We offer (online) training courses that can be customised to meet your requirements in terms of date, format and content.

Our cybersecurity course for medical devices relates to cybersecurity in general, with references to international standards such as ISO 14971, AAMI TIR 57 and NIST. In addition to a comprehensive overview, we also provide detailed insights into the areas of analysis and methods.

In this way, you learn how cybersecurity becomes an integral part of your projects and benefit from our industry knowledge and experience.

Cybersecurity Medical Devices Trainer

To the profile

Alastair Walker

Owner/Consultant

Medical Device Cybersecurity – Current dates

CourseCybersecurity Medical Devices

Date27. Nov. / 1 Day

TrainerAlastair Walker

Costs€700 / £650

Request

All courses

Testimonials

Companies around the world rely on our extensive knowledge in safety-relevant industries when developing their products.

Lorit Consultancy guided us through the intricacies of security regulations for medical devices in no time. We received concrete and comprehensive answers to questions we had been unable to find answers to for some time. Now, we can go to the market faster.

Natalia Kazankova – Senior Product Marketing Manager, Code Intelligence

As a leading medical device manufacturer, we greatly benefited from Lorit Consultancy`s services. The training always has effective combination of theory with practical insights, what is essential for our medical device development/manufacturing. The trainers were exceptional, simplifying complex concepts and engaging us with interactive discussion and case studies. Training has enhanced our teams capability of ensuring our products meet the highest standards.

We sincerely appreciate the professionalism and expertise of the Lorit Consultancy team. Their commitment to excellence has profoundly impacted our work. Thank you for an outstanding training experience.

Vladislavs Pavlovs – Laser and Electronic Components Development Department, CeramOptec GmbH

In summary; very useful, the recommendations/observations are recognisable and the report will help steer future 62304 compliance efforts.

In addition, the report also satisfied our external stakeholders.

Phil Cooley – Quality Manager, Bond Digital Health Ltd

Thank you, for a terrific course!
The trainer was extremely knowledgeable about the material, and made the content very easily digestible, even the more challenging bits. I am very satisfied.

Rhyse Jaeschke – Manager, System Verification & Validation Ultrasound R&D, Philips Healthtech

With Lorit Consultancy we have found an extremely reliable partner who sees the big picture. Through their Functional Safety Engineering (ISO 26262) competence, we enjoy support at the highest level within our automotive product development.

Remarkable is the smooth integration into our internal development team and the always professional & uncomplicated communication. We look forward to many more joint projects!

Harald Sporer – Senior Project Manager, Automotive Sense & Control, Infineon

It was really a very helpful and excellent training!

Marco Augustin – Quality and Software Manager, Occyo

Lorit Consultancy´s support was instrumental in helping us achieve compliance in IEC-62304/ 82304 and ISO 14971 for our software-as-a-medical-device product.

Ju Zhang – Founder, CEO Formus Labs

Plexus has used the services of Lorit Consultancy in relation to a new healthcare project where insights into ISO 14971 and IEC 60601-1 international standards was needed. We have been very impressed with the quality of knowledge within Lorit and the quality of documentation and deliverable, and we look forward to continuing to partner with Lorit in the future.

John Simpson – Senior Manager, Engineering Plexus

Essential for my job. Reduced my fear of 60601.

Senior Mechanical Engineer

Lorit Consultancy gave us excellent support in defining the requirements and implementing the BS EN 62304 document structure for our first product.

Selly Saini – CEO Inside Biometrics

It’s great to have the opportunity to receive this training from somebody who is obviously an expert in the topic and understands the practical implementation.

Senior Design Assurance Engineer

Lorit Consultancy provided a professional and efficient service in defining regulatory requirements for both new developments and legacy products.

Alastair Mutch – VP Research and Development, Diagnostics Cardiology Spacelabs Healthcare

Excellent course and very pragmatic approach on implementing compliance.

Senior Software Engineer

Lorit Consultancy gave us great support when guiding us through the process of hardware metric generation as defined in ISO 26262. Providing both the FMEDAs and training on the use of them.

Geoff Owen Protean

Very well executed, very helpful. Thank you for your time and expertise.

Senior Electronics Engineer

The instructor was extremely engaging and clearly had excellent knowledge of the material.

Innovation Agent

Cyber­security Medical Devices