A medical device manufacturer needed expertise to improve security controls associated with their medical devices and data management applications. This included understanding regulatory applicability and the impact on security controls.
![](https://divihn.com/wp-content/uploads/2020/04/07-feat.jpg)
The Challenge
The number of devices, device use cases (includes data flows), and data management application integration presented a significant amount of complexity. Mapping the security controls to collection, processing, and storage of personally identifiable information required detailed workshops with several stakeholders.
Our Solution
The client engaged our Data & Technology Risk Assessment, Compliance Management, and IoT Security services to assess the cybersecurity capability, understand compliance, and determine risk. A comprehensive analysis of device firmware, data storage, device access, maintenance functions, and host interface was performed. Additionally, a thorough review of application security and data protection associated web applications and APIs was conducted.
Highlights
The results achieved as a result of the engagements include:
- Significantly reduced business risk by closing critical findings
- Increased business prospects by improving the ability to
communicate cybersecurity controls to potential customers - Decreased risk by integrating security into product development processes