By

Gwen
In a release from The Cybersecurity and Infrastructure Security Agency (CISA) on July 21, 2021, it was announced that the Common Weakness Enumeration (CWE) Top 25 list has been updated from the previous 2020 version. The CWE Top 25 is a list that uses real-world data from the National Vulnerability Database (NVD) to identify current...
Read More
Cybersecurity: PACS CISA Homeland Security Advisory Issued for Medical Systems The Department of Homeland Security’s CISA has issued an advisory for the Worldwide Infrastructure Healthcare and Public Health sectors regarding Philips Vue PACS. The ICS Medical Advisory, ICSMA-21-187-01, discloses 15 vulnerabilities discovered in the Philips Clinical Collaboration Platform Portal, also known as Vue PACS. Four...
Read More
The Food & Drug Administration (FDA) has issued a response to NIST to the Executive Order (EO) on Improving the Cybersecurity of the Federal Government (EO 14028), dated 26 May 2021. The document, Response to NIST Workshop and Call for Position Papers on Standards and Guidelines to Enhance Software Supply Chain Security, summarizes “established FDA practices...
Read More
Medical devices are now considered a subtype of Internet of Things (IoT) devices [(2) https://owasp.org/www-pdf-archive/SecureMedicalDeviceDeployment.pdf]. There is a growing need to properly document the physical off-the-shelf (OTS) subsystem components that a medical device contains. Medical devices are often no longer stand-alone devices which contain only proprietary components. Inattention to additional components may lead to a...
Read More

Upcoming SoftwareCPR Training Courses:

Public Course – Jan 9-11, 2023 – Risk Management (in-person)

Our newly updated ISO 14971:2019 Medical Device Risk Management, A Software Organization’s Perspective public training course is now open for registration!

Where:  Tampa, Florida

  • Coverage of ISO 14971:2019, IEC 62304; amd1, and IEC/TR 80002-1.
  • System level hazards analysis – mapping to software, cybersecurity, and usability
  • Why FMEA is incomplete for medical device risk management.
  • How to perform software hazards analysis.
  • And more!

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructors: Dr. Peter Rech, Brian Pate

Discount Registration through October 31, 2022.  Reserve your spot!

Register here: https://events.eventzilla.net/e/2023-softwarecpr-public-training-course–iso-14971-medical-device-risk-management-a-software-organizations-perspective-2138576610

 

Public Course – Dec 12-15, 2022 – Being Agile & Yet Compliant (virtual)

COST: 4 half days for $1,920 per person

HOURS: 11 am until 3 pm EDT each day

TRAINING LOCATION: Virtual – live online

Register here:

https://events.eventzilla.net/e/december-2022-softwarecpr-agile-and-compliant-training-course-2138573767

 

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.