Sugpiat CyberWerx understands the importance securing medical device technology throughout the product life cycle. As medical devices become more digitally interconnected and interoperable, the health benefits offered can be offset by system vulnerabilities and security breaches. Patient safety and privacy are a critical factor for the usability of medical devices, regardless of their advertised health benefit.
We use a thorough 100-point security assessment to evaluate the cyber worthiness of medical devices. Our approach begins with an evaluation of the software lifecycle process used by the manufacturer, coupled with an evaluation of the effectiveness of IEC 62304:2006 and other risk controls. We evaluate network connected medical devices in a secure lab environment, evaluate network interfaces, topologies, data privacy controls, and simulate cyber actor tactics to evaluate the likelihood of threats. From a governance perspective, our team also evaluates the organization’s risk management strategy and IT Service management practices to ensure long-term continuous monitoring and commitment toward medical device security.
As a Small Disadvantaged Business able to qualify in all NAICS, we invite teaming opportunities from industry partners.