Skip to main content

CYBR 371 Cybersecurity for Medical Devices

Medical devices vary in their intended use, regulatory classification, and associated risk. There is a rapid and widespread growth of technological innovation, connectedness, and complexity of medical devices that improves healthcare and the treatment of patients but also poses a high level of unique challenges and rapidly increasing cybersecurity risks. This course introduces students to the unique challenges, scenarios, and solutions related to cybersecurity in medical devices. Case studies, technical labs, and other course activities and assignments will provide students with situational awareness and unique cybersecurity skills for medical devices. Additional topics related to medical device security include, but are not limited to, regulation and guidance, emerging technology, data protection, and emerging threats

Prerequisites

Special information

Note: Students are responsible to both be aware of and abide by prerequisites for ICS/CYBR courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
4 Undergraduate credits

Effective December 11, 2023 to present

Learning outcomes

General

  • Define medical devices, associated challenges, and unique cybersecurity-related risks.
  • Identify cybersecurity regulations, standards, guidance, controls, and best practices relevant to the medical devices industry and apply them to an organizational cybersecurity program.
  • Design security policy, implement security into a connected medical device, and apply appropriate actions (e.g., threat modeling, patching) under the Total Product Lifecycle (TPLC) using risk management.
  • Develop an appropriate approach for medical devices pre- and post-market vulnerability assessment and management, incident response, and disaster recovery.
  • Apply medical devices cybersecurity practices to technological innovation in the industry (e.g., AI, mobile, wearables, sensitive data).