Medical device security is a system property that has traditionally not been designed into many medical device systems. Implementing security controls has meant not implementing something else that customers want, but as medical systems become more capable, abusing them becomes more attractive. Recent attacks have shown a level of sophistication which could serve as a blueprint for medical device attacks. Attendees will learn the motivations behind cybercrime targeting medical systems, how malware might be extended to medical devices, a methodology to address the threats, and how to optimize resources through system engineering.
- Motivations for targeting medical systems
- How malware may be extended to medical device
- Value of System Engineering
About Dan Lyon
Dan Lyon is a Sr. Security Consultant with Cigital, one of the world’s largest consulting firms on software security. Prior to Cigital, Dan spent 18 years with Medtronic as a software and system engineer for medical products including implanted devices, instruments, and servers. Dan holds BA degrees in Mathematics and Computer Science from Luther College and is currently pursuing a master’s degree in information security engineering through SANS Technology Institute.