Velentium, a professional engineering firm that specialises in the design and manufacturing of therapeutic and diagnostic active medical devices has launched a new training and certification series, Mastering Embedded Cybersecurity.
The programme has been created as a response to mounting threats as cybersecurity continues to play a larger role in medical device development. The training will establish standards and educate the world’s leading medical device manufacturers and their engineers on how to avoid and mitigate cybersecurity vulnerabilities that are frequently introduced during the design, development, and production phases.
Dan Purvis, chief executive officer of Velentium, said: “Our security experts have worked tirelessly with regulatory and standard bodies to better define the tools, techniques, and processes for the medical device industry, giving us first-hand knowledge of the intricate security issues and increasing vulnerabilities facing the industry today. As soon as we began teasing this programme, we received significant interest from some of the world’s leading players in the medical device field, demonstrating an urgent need for formal training on how to implement cybersecurity best practices and processes in pre-market and post-market activities.”
To support the course’s curriculum, Velentium will use the bestselling textbook Medical Device Cybersecurity for Engineers and Manufacturers, a comprehensive guide for medical device manufacturers seeking to implement secure lifecycle management processes. The book, which covers the growing sophistication of cyber threats in the medical device ecosystem and serves as the foundation for the course, was co-authored by security strategists and technical experts at Velentium and MedCrypt, a provider of proactive security solutions for the healthcare space. Velentium’s growing cybersecurity division is based out of Denver, CO.
Given current restrictions imposed by the global health pandemic, training will temporarily occur in virtual classrooms. The programme is being offered via take-home course kits, synchronous online learning sessions, or customisable corporate training for larger organisations. The curriculum also includes stand-alone or bundled Parasoft software training to deliver an exercise-focused workshop that grows developers’ understanding of secure and quality coding standards and expertise in applying Parasoft’s automated testing solution to medical software development.
Mastering Embedded Cybersecurity offers three levels of training & certifications:
- Level 1 – Core: Evaluating designs, assessing vulnerabilities, and constructing SBOMs
- Level 2 – Intermediate: Identifying, selecting, and implementing cybersecurity solutions
- Level 3 – Advanced: Crafting custom security solutions and system security engineering
A custom, two-hour executive training course is also available for board members, C-level and other senior executives who are driving the integration of embedded cybersecurity best practices into their companies’ operations.
Christopher Gates, principal security architect at Velentium, said: “Ultimately, our goal is to use a combination of tools and formalised training to raise awareness of the growing sophistication of cyber adversaries disproportionate to industry understanding. According to the FDA, eight cybersecurity-related recalls occurred in 2019. There have been more than forty in 2020, marking a significant increase. This training and certification programme serves as an indispensable resource for medical device manufacturers, including engineering management, software engineers, business managers, and regulatory professionals.”