Stephanie Domas of Battelle moderated a panel on medical device cybersecurity at the Medical Device Cybersecurity Risk Mitigation Conference in July.
The panel, titled “Effectively Addressing Cybersecurity in Medical Devices: The Inherent Risks, Impacts of Security Decisions, and Practical Approaches,” explored the vulnerabilities and risks inherent with embedded and connected devices and the range of impacts these have on medical devices. Panelists shared practical approaches companies may employ to more effectively address cybersecurity risks, including engineering, policy, expertise/team makeup, and others. Areas discussed included: recognizing vulnerabilities and risks in embedded medical devices, understanding the impacts of cybersecurity decisions in a medical device, integrating cybersecurity into corporate DNA and building an effective cybersecurity team.
Panelists were Steve Abrahamson of GE Healthcare, Bob Banta of Eli Lilly & Company and Tara Larson of Medtronic.
Modern and connected medical devices include an increasing array of features that can be intentionally or unintentionally misused. To help medical manufacturers mitigate their cybersecurity risks, Battelle has put together a suite of services called DeviceSecure™ Services, which incorporates secure design, threat and vulnerability assessment, anti-tampering and anti-counterfeiting measures.
Stephanie Domas is Lead Security Engineer for Battelle’s DeviceSecure® Services. In this role, she is responsible for the design, architecture, verification and execution of security best practices in the development of new medical devices as well as the testing and cybersecurity risk mitigation of legacy systems. Stephanie is a registered Professional Engineer (PE) in the state of Ohio and a Certified Ethical Hacker (CEH). She sits on several standards committees involved in furthering cybersecurity for medical products. She also serves as an adjunct faculty member at the Ohio State University College of Computer Engineering.