Medical Device CyberSecurity Following the September 2023 FDA Premarket Guidance

Edwin Waldbusser Instructor:
Edwin Waldbusser 
60 Minutes
Webinar ID: 501627

More Trainings by this Expert

Price Details
Recorded Webinar
$199 One Attendee
$399 Corporate Recorded

Recorded: Access recorded version, only for one participant unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)

Corporate Recorded: Access recorded version, Any number of participants unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)


This webinar will explain the process of analyzing and minimizing cyber risks for premarket submissions. It will explain how cyber risks are identified and mitigated.

Concepts from the 2023 Guidance will be explained. The cybersecurity program must be carefully planned and documented. The manufacturer no longer can pass cybersecurity responsibility to the network. It is now a joint responsibility. Required documentation will be described including the Software Bill of Materials. A formal security risk analysis must be conducted for each risk, as well as a safety risk. Communication of risks as part of Transparency must be sent to device users.

Why should you Attend: Medical device cybersecurity has become very important to the FDA. They have issued three Guidance’s on the subject; in 2014, 2016 and 2018. In 2022 a draft Guidance was issued that would replace the 2014 and 2018 Guidances and supplement the 2016 Guidance. A Guidance was issued in September of 2023. In 2023 federal legislation gave the FDA legal authority to enforce cybersecurity.

The 2023 Guidance greatly expanded the FDA expectations for cybersecurity and gives concrete examples. FDA expects a proactive extensive risk based program to minimize risk to the user from cyber attacks. We will explain how the Guidance distinguishes Security risk from safety risk

Areas Covered in the Session:

  • Guidance Regulation and legislation Cybersecurity plan risk based analysis vulnerabilities, threats, and threat modeling Software Bill Of Materials risk communication to users updating process transparency requirements documentation requirements

Who Will Benefit:
  • company management
  • IT personnel
  • Development Engineers
  • Production Management
  • QA/ QC personnel
  • Software developers
  • Cybersecurity , ISAO, risk,

Speaker Profile
Edwin Waldbusser is a consultant retired from industry after 20 years in management of development of medical devices (5 patents). He has been consulting in the US and internationally in the areas of design control, risk analysis and software validation for the past 8 years. Mr. Waldbusser has a BS in Mechanical Engineering and an MBA. He is a Lloyds of London certified ISO 9000 Lead Auditor and a member of the Thomson Reuters Expert Witness network.

You Recently Viewed

Subscribe to our Newsletter

Subscribe for Compliance Alerts Research Reports Absolutely Free