In this interview, we talk to Axel, Christopher, and Jason authors of the book Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition. We discuss the motivation behind writing the book, the target audience, the most useful aspects of the book, the challenges of writing the book, and advice for other engineers who are considering writing a book.
Axel Wirth holds a Master of Science in Engineering Management from Tufts University and a Bachelor of Science in Electrical, Electronics, and Communications Engineering from Düsseldorf University of Applied Sciences. He is currently the Chief Security Strategist at MedCrypt, where he has led efforts to integrate modern cybersecurity into healthcare technology since September 2019. He also serves as an Adjunct Professor at the University of Connecticut, teaching “Medical Device Cybersecurity” to graduate students.
Christopher Gates holds a B.S. in Computer Science from California State University. He is the Director of Product Security at Velentium, where he has been since January 2021. He previously worked as a Principal System Security Architect at Velentium, implementing Secure Development Lifecycle processes.
Jason Smith holds a bachelor’s degree in English and Religious Studies from William & Mary and a master’s degree in Apologetics and Cultural Studies from Houston Baptist University. He is currently serving as a Senior Marketing Strategist at Velentium and previously worked as a Technical Writer.
1.Could you summarize the main content of your book? What are the key topics addressed?
Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition removes the mystery from cybersecurity engineering and regulatory processes and practices, showing medical device manufacturers how to produce and maintain devices that meet evolving regulatory expectations and reduce business and patient exposure to cybersecurity risks. It represents a complete guide for medical device manufacturers seeking to implement lifecycle processes that secure their premarket and postmarket activities.
This step-by-step guide educates manufacturers about the implementation of security best practices in accordance with industry standards and expectations, advising the reader about everything from high-level concepts to real-world solutions and tools. It focuses on the security aspects of every lifecycle of the product, including concept, design, implementation, supply chain, manufacturing, postmarket, maintenance, and end of life. It details the practices, processes, and outputs necessary to create a secure medical device capable of gaining regulatory approval and meeting market entry requirements.
2.What is the primary purpose of your book? How do you envision it helping readers in their work or studies?
The primary purpose of the book is to educate medical device manufacturers and their engineers about how to develop the organizational capabilities to design secure medical devices that meet today’s regulatory requirements and customer needs. In order to gain market approval, manufacturers need to be able to reliably and reproducibly develop cyber-secure medical devices and provide the documentary evidence to support regulatory submission.
3.What sets your book apart from other works in the same field? Are there any innovative concepts, methodologies, or insights that make it stand out?
There are many existing regulations and standards out there, which we discuss in the book, that describe the requirements and practices that can be used to develop secure medical devices. However, they tend to be quite abstract as well as difficult to interpret and turn into actionable and successful security programs. Our approach is more pragmatic by using these regulations and standards as a baseline but then demonstrate an implementable approach to building a security program that can grow with an organization and can scale based on size and needs.
4.Who is the intended readership for your book? Are there specific industries, professionals, or fields of study that would benefit most from this content?
The primary readership are engineers, whether they are in a dedicated security role or general engineers, that work for medical device manufacturers. However, we are also addressing secondary audiences such as device manufacturer executives and business decision makers, engineering management, software/firmware engineers, regulatory professionals, contract manufacturers, regulators, product/project managers, sales and marketing teams, as well as healthcare delivery organizations.
5.What are the most important lessons or insights you want readers to take away from this book?
Cybersecurity is here to stay but there is no reason to be afraid of it. Start with a “one bite at a time” approach and educate yourself …. and read the book.
6.Does your book include any original research, case studies, or data? If so, could you highlight some of the most significant findings?
The book is based on the hands-on experience of the primary and contributing authors and the practices they have developed over their decades in the medical device and cybersecurity industries.
7.Does your book address any new or emerging trends in the field? How does it prepare readers for future developments?
The 2nd edition was necessary to provide updates that reflect new and evolving cybersecurity regulations. Further, since the 1st edition the market and our target audience have matured and required a deeper dive on several topics. Hence, this new edition provides reworked, updated, and new content resulting in a 60% increase in volume.
8.What personal experiences, if any, have shaped your perspective or approach to the topics discussed in your book?
The basis for the knowledge we shared in the book is our collective experience of many decades in the medical device and cybersecurity industries. Specifically, the 2nd edition includes a lot of the feedback we received from readers of the 1st edition …. people that approached us at trade shows and industry events, showing us their copy of the book, well-decorated with yellow stickies, highlights, and sidebar notes.
Learn more about the book on our websites:
ARTECH HOUSE USA : Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition
ARTECH HOUSE U.K.: Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition
More Security content here Security and Privacy – Artech House Insider
