{{ phone }} {{ location }}

Emergo by UL logo

         

Cybersecurity Risk Management and Procurement Support

ANSWERED ON THIS PAGE:

  • Have you identified cyber risks for your connected medical technology before bringing it to market?  
  • How do your risk management decisions impact your ability to complete procurement processes?
  • How can early cybersecurity assessments mitigate concerns, and delays to market, and facilitate regulatory compliance?

Cybersecurity risk is no longer relegated to computers and personal devices. Digital threats are part of any item with network connectivity, including medical devices. Our team can help you define your attack surface, attack vectors, and assets to be protected. We’ll help you identify those vulnerabilities that potentially impact functionality for users and outcomes for patients.

Aligning risk assessments for industry with regulatory and procurement requirements

    A guidelines-based risk assessment will help you improve cybersecurity hygiene and speed to market of your devices. This includes evaluating and consulting on your products’ ability to meet the expectations of industry, regulators, Health Delivery Organizations, and Group Purchasing Organizations. Our risk assessments are based on the FDA-recognized UL 2900 standard and the National Institute of Standards and Technology

    (NIST) Cyber Security Framework. The assessment will include:

    • Monitoring information sources to detect cyber vulnerabilities and risk
    • Identifying clinical performance to help develop protections and responses to cybersecurity risks
    • Recognizing methods to address risks prior to any occurrence

    Product and supplier assessments to evaluate cybersecurity risks

    Many companies invest considerable time and resources enhancing their cybersecurity measures. But if they fail to thoroughly assess all devices in their digital ecosystem, they can put the company, patients, and users at risk. Our team helps identify risks that may be introduced through your suppliers, technologies used in designing your devices, or to your technology infrastructure via procurement. Our supplier risk analysis considers:

    • Identification of potential assets, threats, and vulnerabilities,
    • Impact analysis of threats and vulnerabilities on device functionality and end users/patients,
    • Likelihood determination of a threat and/or a vulnerability being exploited.

    Emergo provides cybersecurity risk assessments for procurement processes

    Our knowledge of connected devices and cybersecurity regulations can help you control your procurement decisions and procedures against cyber threats. We understand where potential hardware and software vulnerabilities lie. Our team can support your efforts to demonstrate compliance with regulators expectations. Here’s how we can help:

    • UL 2900 FDA recognized standard compliance: Ensuring your device complies with FDA-recognized standards and guidance
    • Comprehensive cybersecurity risk assessment: Evaluate potential risks from the supplier and the devices/components in consideration
    • Build cybersecurity measures into procurement procedures: Establish purchasing protocols and documentation that address cybersecurity risks
    • Help identify your organization’s cybersecurity posture: Evaluate your organizations’ supply chain cybersecurity process maturity and establish a maturity model
    • Compliance and regulatory form submissions: Help compile the necessary cybersecurity documentation for device registration submissions

    Please contact us for more information about procurement consulting on cybersecurity for network connected devices.

    Questions? Request more information from our specialists

    CONTACT US >

    REGISTER NOW: To Err is Human: A Documentary Film Screening and Discussion on Preventing Human Errors in Medical Technology, Dec 6, 2018 to Dec 6, 2018 in ,

    FIND OUT MORE >

    Anura S. Fernando

    Principal Engineer for Medical Software & Systems

    Justin Heyl

    Cybersecurity Director

    United Kingdom

    150, Cambridge Science Park
    Milton Road
    Cambridge CB4 0GN
    +44 (0)1223 214 044

    USA

    205 W Wacker Drive
    Floor 13, Suite 1300
    Chicago Illinois 60606
    847 664 1363

    USA

    300 Baker Avenue
    Suite 200
    Concord Massachusetts 01742
    978 371 2700

    Netherlands

    Arthur van Schendelstraat 600-G
    MJ Utrecht,
    The Netherlands 3511
    +31 263 764 985

    Japan

    Marunouchi Trust Tower Main Building 6F
    1-8-3 Marunouchi, Chiyoda-ku,
    Tokyo 100-0005
    +81 3 5293 6041