Home > On-Demand Archives > Theatre Talks >

Why Cybersecurity Should be Earlier in the Design Cycle

Jeridiah Welti - Watch Now - EOC 2025 - Duration: 20:05

Why Cybersecurity Should be Earlier in the Design Cycle
Jeridiah Welti

Get Your Pass Today!

An exploration and justification of why cybersecurity needs to be an upfront consideration in design projects. The author examines the benefits of incorporating secure design early and integrating it throughout the entire lifecycle, as well as the drawbacks of postponing it until the end. Key considerations include budget, time to market, and overall security of the final product.

M↓ MARKDOWN HELP
italicssurround text with 
*asterisks*
boldsurround text with 
**two asterisks**
hyperlink
[hyperlink](https://example.com)
or just a bare URL
code
surround text with 
`backticks`
strikethroughsurround text with 
~~two tilde characters~~
quote
prefix with 
>
datamstr
Score: 0 | 2 weeks ago | no reply

Excellent presentation!

Nikos-veevue
Score: 0 | 2 weeks ago | no reply

Thanks for the talk! Among others, I found very unique and interesting the connection between early cybersecurity <-> simple design <-> improved battery life! I'm also 100% with you in your central message: cybersecurity should be a priority from the beginning.

bboniface
Score: 0 | 2 weeks ago | 1 reply

Hi Jeridiah, thanks for the talk! I'd like your take on the initial steps that should be taken to start addressing cybersecurity in the product development process, specifically for medical device development? Thanks.

JeridiahSpeaker
Score: 0 | 2 weeks ago | 1 reply

Can you clarify your question a little? Are you asking specifically first steps in any development process, or how do we start shifting the attitude(s) on cybersecurity in the process?

bboniface
Score: 0 | 2 weeks ago | 1 reply

What initial steps should be taken to go from a state of not addressing cybersecurity at all in a medical device design to making it a part of the product development process? Understandably this also requires a culture shift, but I'm more interested in the tangible process and potential compliance related considerations.

JeridiahSpeaker
Score: 0 | 2 weeks ago | 1 reply

Great question. If you have nothing now, I would highly recommend "Medical Device Security for Engineers and Manufacturers by Wirth, Gates and Smith". Excellent book on the topic and will help you to figure out what you know and what you don't. At the end of the day cybersecurity processes are largely risk management processes and if you have a risk management process in place you will see a lot of overlapping activities just with different names.
The FDA has a great guidance document on what they are looking for. https://www.fda.gov/media/119933/download
Reading that over will give you a good starting point of what they are looking for in a submission. They say "guidance" but it's really pretty mandatory now, and be assured they will bump you if you try to gloss over it.
Please reach out jeridiah.welti@bench.com and would love to discuss further how we can possibly help you.

bboniface
Score: 0 | 2 weeks ago | no reply

Very helpful! Thank you.
glennk
Score: 0 | 2 weeks ago | no reply

Very timely topic. Thanks for the talk, Jeridiah!

OUR SPONSORS & PARTNERS