From adversarial threats (intentional hacking), to non-adversarial ones (in-advertent security breaches), cyber security has become a major risk to medical devices and SaMD in recent years. Because of this, the regulatory compliance landscape is complex and constantly evolving. As a leading connected medical device specialist, BlueBridge Technologies provides cradle-to-grave expertise for implementing and maintaining a strong cybersecurity posture across entire medical device product portfolios. We combine extensive experience and unrivalled knowledge to develop efficient solutions for the medical device industry, while providing the necessary processes and knowledge you require to develop and maintain more secure products.
Ensuring The Safety of Connected Medical Devices
Adopting A Risk-Based Approach To Designing Secure Systems
Our highly-experienced cybersecurity specialists at BlueBridge Technologies use advanced threat modelling to identify cyber security risks to your systems and data. Based on identifying threats in order to develop mitigations to them, threat modelling is a popular and successful risk-based approach to designing secure systems. We embrace the security principles of confidentiality, integrity and availability in our tried and tested software development processes. This helps us ensure your data is protected from unauthorised access, is trustworthy and is accessible whenever you need it to be.
Learn more in our video below:
Resources related to video above
- FDA | Medical Devices | Digital Health Center of Excellence | Cybersecurity
- FDA | Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions
- Section 3305 of the Omnibus (“Ensuring Cybersecurity of Medical Devices”) amended the Federal Food, Drug, and Cosmetic Act (FD&C Act) by adding section 524B, Ensuring Cybersecurity of Devices.
- FDA | Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software
- FDA | Postmarket Management of Cybersecurity in Medical Devices
- MDCG 2019-16 – Guidance on Cybersecurity for Medical Devices
- IMDRF | Medical Device Cybersecurity Guide
- IMDRF/CYBER WG/N60 FINAL:2020 – Principles and Practices for Medical Device Cybersecurity
- IMDRF/CYBER WG/N73 FINAL: 2023 – Principles and Practices for Software Bill of Materials for Medical Device Cybersecurity
- AAMI TIR57:2016 (R2023) – Principles for medical device security – Risk management
- AAMI TIR97:2019 (R2023) – Principles For Medical Device Security – Postmarket Risk Management For Device Manufacturers
- ANSI/AAMI SW96:2023 – Standard For Medical Device Security – Security Risk Management For Device Manufacturers
- IEC 81001-5-1:2021 – Health software and health IT systems safety, effectiveness and security
- ISO/IEC 27000:2018 – Information technology – Security techniques – Information security management systems – Overview and vocabulary
- ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection – Information security management systems – Requirements
Why Companies Choose BlueBridge Technologies
With cyber security risks increasing and enterprises becoming more aware of their liabilities, software development teams need effective ways to build security into software. At BlueBridge Technologies, our approach to improving information security is to reduce the attack surface of the SaMD. Our team of highly-experienced cybersecurity specialists are actively participating in the MDIC (Medical Device Innovation Consortium) efforts to define industry best practice for SaMD threat modelling practices.
We can provide advice and guidance on a wide range of Cyber security topics. Our infosec staff hold CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) and CSSLP (Certified Secure Software Lifecycle Professional) qualifications. We are focused on ensuring our cybersecurity practices are aligned with the latest in best in breed medical consensus.
Core expertise
Supporting Disciplines
Get In Touch
If you have the problem, we have the solution. To get started on your Cybersecurity journey, all you have to do is start by saying hello.
SAY HELLO