From Ransomware to Regulation: The New Business Reality for Medical Device Cybersecurity

Watch on Demand: From Ransomware to Regulation: The New Business Reality for Medical Device Cybersecurity

Cybersecurity is now a defining factor in medical device business strategy. Hospitals and healthcare providers are increasingly scrutinizing device security and rejecting devices without sufficient protections, while regulators are making SBOMs and vulnerability management a must-have. At the same time, cyber incidents highlight the real operational, safety, and reputational risks associated with interconnected healthcare systems.

In this webinar, hear from Shane Fry, CTO of RunSafe Security, Patrick Garrity, Security Researcher at VulnCheck, and Phil Englert, VP of Medical Device Security at Health-ISAC, on the business implications of cybersecurity in medical devices grounded in real-world data and examples.

Key Takeaways:

• Observations from vulnerability intelligence, focusing on common technologies that underpin healthcare and medical devices, including trends in threat actor targeting and system exposure
• Case studies highlighting the operational impact of incidents such as the Black Basta ransomware attack on Ascension Health and vulnerabilities in MIRTH Connect, showing how cyber incidents impact operations, safety, and trust
• Survey findings showing how cybersecurity affects procurement and vendor selection, including why 46% of healthcare buyers have declined purchases due to cybersecurity concerns, and why 78% consider SBOMs essential in procurement
• Insights into regulatory drivers, including FDA premarket guidance, EU Cyber Resilience Act requirements, and hospital procurement processes, and how these influence both manufacturers and healthcare providers
• Strategies to move from compliance-focused approaches to resilience-driven cybersecurity practices that manage risk across devices, systems, and endpoints