Medical Device Cybersecurity Assessment and Penetration Testing Services Now Offered Onsite at Alpine Security’s O’Fallon, Illinois Facility


There are 10-15 medical devices per hospital bed. Many of these are vulnerable to cyberattacks.

There are 10-15 medical devices per hospital bed. Many of these are vulnerable to cyberattacks.

“Innovative medical devices are used to diagnose patients and assist with patient surgery. It is vital we protect these critical medical devices from cybercriminals. It truly is a matter of life and death, where the impact of a cyberattack is very tangible.” – Christian Espinosa, Alpine Security CEO

Alpine Security has provided medical device cybersecurity assessment and testing service since 2016 and has continued to refine their medical device assessment and penetration testing capabilities. Prior to COVID-19, Alpine Security’s cybersecurity engineers traveled onsite to medical device manufacturing facilities to provide testing onsite, at client facilities. Due to safety and travel limitations associated with COVID-19, Alpine Security has converted one of their training classrooms to a medical device testing facility. Clients now ship their medical devices to Alpine Security’s facility for cybersecurity assessment and testing.

Alpine Security medical device manufacturing clients are thrilled with this new approach because it provides an alternative for testing during COVID-19, saves on travel costs, and offers more flexibility with testing timelines.

Alpine Security’s medical device testing framework references the following standards:

  • The Open Source Security Testing Methodology Manual
  • U.S. NIST SP 800-115: Technical Guide to Information Security Testing and Assessment
  • FDA Premarket Notification 510(k)
  • FDA Content of Premarket Submissions for Management of Cybersecurity in Medical Devices (2018 Draft)
  • EU Medical Device Regulation (MDR)
  • UL 2900 set of standards (UL’s Cybersecurity Assurance Program)

Alpine Security’s medical device cybersecurity assessment an penetration testing services consists of the following high-level activities:

  • Assess risk pertaining to confidentiality, integrity and availability
  • Assess entry points to systems
  • Assess existing controls
  • Assess data flows
  • Assess use cases
  • Assess and assist with the Threat Tree development
  • Assess and assist with the Traceability Matrix
  • Assess and assist with standard operating procedures
  • Assess and assist with software architecture cybersecurity
  • Recommend revisions to or new cybersecurity controls
  • Recommend design changes to reduce risk
  • White box medical device penetration testing

For more information on Alpine Security’s medical device cybersecurity assessment and testing services, you can reach them here:

— Phone: 844-925-7463

— Email: info@alpinesecurity.com

— Website: https://alpinesecurity.com/

ABOUT ALPINE SECURITY

Alpine Security focuses on several main areas to help prevent cybercrime:

  • Medical device cybersecurity – we work with medical device manufacturers to ensure their devices are secure from cyberattacks; that the medical device used by your healthcare provider on you or your loved one for diagnostics or surgery is safe and secure.
  • Fractional and virtual Chief Information Security Officer (CISO) – we work with SMBs to help assess cybersecurity risk and develop a cybersecurity roadmap. SMBs are vital to our economy. We want to do our part to help prevent data breaches.
  • Cybersecurity training – we work with individuals and organizations to increase cybersecurity skills, knowledge, and abilities. Increased awareness helps prevent cybercrime.

Share article on social media or email:

Leave a Reply