Events & Speaking Engagements

Two Chances to Join: 

March 18, 2025, 10:00 AM EST

March 19, 2025, 1:00 PM EST

Description: Do you struggle with all the different sources of cybersecurity controls for your medical device? Regulatory expectations for cybersecurity controls in medical devices has been rapidly increasing over the past few years, and getting them wrong can result in the need for design changes, deficiencies, and failed submissions. FDA has 8 control categories with specific details in Appendix 1 of the premarket cybersecurity guidance. Other regulators rely more heavily on Standards, like IEC 80001-2-2 and the associated control capabilities. In this webinar, we will discuss the areas of alignment and gaps between these different control approaches to help you get control over what controls you need for your medical devices.

Register Here!

April 3, 2025 10:00 AM in EST

With Matt Hazelett, Chief Regulatory Officer

Description: One of the most challenging and new documentation deliverables in the 2023 FDA Guidance “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” are the Architecture Views. These Architecture Views are frequent deficiencies from the FDA in premarket submissions and can be challenging to create late in the development process or during a deficiency hold.  

In this webinar, we will break down what the Architecture Views are, why FDA is asking for them, when to start developing them, and how to get started making them. Attendees will have the opportunity to engage in a Q&A session to address questions about the Architecture Views and approaches to drive success.

Register through Eventbrite

Description: Of the many expectations in the new FDA Premarket Cybersecurity guidance, Cybersecurity Architecture Views have been one of the more challenging deliverables for medical device manufacturers to meet. The need for multiple diagrams and the level of detail needed in each view has caught many manufacturers by surprise. This course will help manufacturers better understand how to approach the Architecture Views and develop strategies for how to make these more successful in their submissions and useful throughout the device lifecycle.

• Lead Presenter - Matt Hazelett - Chief Operating Officer & Chief Quality Officer

• Date: April 24, 2025 (4 hours)

• Time: 1:00 PM to 5:00 PM (Eastern Time)

• Location: Online

Audience: This course is for staff at medical device manufacturers who are responsible for generating or reviewing Threat Modeling and Architecture Views documentation for medical devices.

Planned Agenda:

1. Describe the structure of Architecture Views and their benefits to medical device manufacturers

2. Discuss the similarities and differences between Threat Modeling and Architecture Views

3. Identifying when different Views are applicable to a medical device

4. Understand how Architecture Views can be used throughout the Total Product Lifecycle

Register through Eventbrite

Description: The US FDA has been a strong driver of medical device security expectations, but they are not the only regulators outlining medical device cybersecurity expectations. This course will review the specific medical device cybersecurity requirements for countries outside of the US, including common threads amongst the countries.

• Lead Presenter - Michelle Jump - Chief Executive Officer

• Date: May 6, 2025 (4 hours)

• Time: 1:00 PM to 5:00 PM (Eastern Time)

• Location: Online

Audience: This course is for staff at medical device manufacturers who are responsible for navigating cybersecurity expectations outside the US, either to maintain marketed products or to enter into a market for the first time.

Planned Agenda:

1. Common threads across the globe

2. IMDRF: Driving harmonization in thought and policy

3. Big hitters: European Union, Japan, Australia, Canada, China

4. Other markets to consider

Register through Eventbrite

Description: Standards are the backbone of any regulated industry. In some cases, they are mandatory, such as IEC 81001-5-1 in Japan. In other cases, they can be leveraged to develop processes that align with regulators’ thinking, such as AAMI TIR 57 in the US. Whatever the driver, standards help you build process and products faster and with a higher chance of success with regulators and customers. This course will review not only the content of key cybersecurity standards but also how to strategically use them.

• Lead Presenter - Michelle Jump - Chief Executive Officer

• Date: June 3, 2025 (4 hours)

• Time: 9:00 AM to 1:00 PM (Eastern Time)

• Location: Online

Audience: This course is for staff at medical device manufacturers who are seeking a better understanding of how to use cybersecurity standards in the medical device industry.

Planned Agenda:

1. How are cybersecurity standards used in the medical device industry

2. Medical device specific cybersecurity standards: domestic and international

3. General cybersecurity standards and their use

4. Non-standards for cybersecurity such as NIST

5. Useful standards from other industries such as industrial control standards

Event Registration

Description: This 3-day course will give you a detailed look behind the Zoom meetings, conference rooms, deficiency letters, and additional information request emails of the FDA. This course will cover cybersecurity submission strategies, everything you need to know about deficiencies, and how to have success with FDA reviewers that you won’t find anywhere else.

• Lead Presenter - Matt Hazelett - Chief Operating Officer & Chief Quality Officer

• Date: June 10-12, 2025 (4 hours x 3 Days)

• Time: 9:00 AM to 1:00 PM (Eastern Time) Each Day

• Location: Online

Audience: This course is for medical device cybersecurity team members and regulatory affairs personnel at medical device manufacturers who are looking for insider information on the FDA cybersecurity review process.

Planned Agenda:

1. Submission Strategies

2. Effectively Managing Deficiencies

3. Success with Reviewers