Navigation Links
Alpine Security Introduces Evolutions for Medical Device Cybersecurity Assessment and Penetration Testing

St. Louis-based firm Alpine Security ("Alpine") aims to secure the healthcare industry from cyberattacks. One way Alpine is securing healthcare is by working with medical device manufacturers to help ensure their devices are safe from cybercriminals. Medical devices range from external systems, such as drug infusion pumps or patient monitoring systems to implantable (internal) devices, like pacemakers. Cybercriminals go after medical devices for four main reasons:

1. To steal Protected Health Information (PHI) (Motive: Financial Gain)
2. Ransomware (Motive: Financial Gain)
3. To harm or kill a patient (Motive: Terrorism or Assassination)
4. To use the medical device as a beachhead for enemy advancement (Motive: Foothold to Expand Operations)

Alpine developed and introduced its "Evolution" methodology for medical device cybersecurity assessments and testing to help medical device manufacturers mature the cybersecurity of their devices. Alpine's Evolution approach is based on Navy SEAL Evolutions. The SEALs use Evolutions to describe each progressive event in a training schedule. The general idea is that as you progress through each Evolution you mature and evolve. Alpine assists medical device manufacturers to evolve the cybersecurity of their medical devices using a structured, phased approach.

Alpine's medical device cybersecurity assessment and penetration testing methodology has two main Evolutions and can include as many as necessary. During each Evolution, the medical device is thoroughly assessed and tested. The first Evolution establishes a cybersecurity baseline for the medical device. This baseline includes all the ways an attacker could gain entry to and compromise the device, as well as the risk associated with each method of compromise. Higher rated risks typically affect patient safety or privacy. After the first Evolution, the medical device manufacturer works to fix the vulnerabilities identified by Alpine Security. The next Evolution validates the vulnerabilities were fixed and checks for any new vulnerabilities that may have been introduced. This process, the Evolution, repeats as many times as necessary to get the medical device to an acceptable risk level.

Alpine's Evolutions include the following activities, in addition to a technical "white box" penetration test:
-- Identification and prioritization of risk pertaining to confidentiality, integrity, and availability
-- Identification and assessment of all entry points into the device (system)
-- Assessment of existing cybersecurity controls
-- Identification and assessment of data flows
-- Identification and assessment of use case risk
-- Threat (Attack) Tree development
-- Assessment of the cybersecurity Traceability Matrix
-- Assessment of medical device standard operating procedures
-- Assessment of software cybersecurity architecture

For more information on Alpine Security's medical device cybersecurity assessment and testing, contact Alpine Security at 844-925-7463 / or visit their website at

Read the full story at

Source: PRWeb
Copyright©2020 Vocus, Inc.
All rights reserved

Related medicine technology :

1. Ortho Development Receives FDA Clearance for Alpine Hip Stem
2. Distinguished Speaker to Discuss the Intersection of Privacy and Security Laws and Biometrics at the 3rd Annual Healthcare Compliance Symposium on April 23rd, 2020
3. SweetLeaf® Joins Industry Leaders to Discuss Sustainable Nutrition Security at Forum
4. COMPLIANCY GROUP Hires VP of Partner Engagement and Cybersecurity to Help the Managed Service Provider (MSP) Evolve to Business Solution Provider (BSP)
5. FDAnews Announces — Understanding the Drug Supply Chain Security Act (DSCSA): Latest Regulatory Developments and Best Practices Webinar, Sept. 26, 2019
6. Cyberbit and Purdue Partner to Advance Cybersecurity Workforce Education and Training
7. Fortified Health Security Releases 2019 Mid Year Horizon Report
8. Social Security Benefits Lose 33% of Buying Power Since 2000 According to Latest Study By The Senior Citizens League
9. Center for Information Security Awareness - (CFISA) Offers Exciting New In-Person "Security Awareness Training” for Businesses
10. Data Security Leader GTB Technologies to Showcase the Markets' First Data Misclassification & Cloud / Container Data Exfiltration Solutions during the RSA Conference 2019
11. United Security Health & Casualty Insurance Company Introduces Personal Accident and Medical Insurance Plan
Post Your Comments:
(Date:3/30/2020)... ... March 30, 2020 , ... Energage, the leader in helping ... a series of survey question packs that enable organizations to keep the lines ... As the current situation continues to evolve, The Energage Operational Readiness Survey Packs ...
(Date:3/30/2020)... ... March 30, 2020 , ... Representatives with Miami-based Tattoo ... Technician' service. , "We are very excited to offer this service," said Barbara ... the Institute of Tattoo Removal is available to answer any questions or concerns ...
(Date:3/28/2020)... (PRWEB) , ... March 27, 2020 , ... ... Isagenix International has named Gary Gallant as its permanent CIO. In ... wellness company’s technology vision, ensuring Isagenix can provide a smooth shopping experience for ...
Breaking Medicine Technology:
(Date:4/5/2020)... , ... April 04, 2020 , ... ... LLC (Three Wire), is uniting with the Yellow Ribbon Fund (YRF) to offer ... with the organization. By continuing an ongoing partnership to launch a new initiative ...
(Date:4/2/2020)... ... April 02, 2020 , ... LifeLearn Animal Health , in partnership ... launch of the veterinary CE course COVID-19: What we know and don’t know ... “When it comes to COVID-19, it’s important for practices and pet owners to get ...
(Date:4/1/2020)... Va. (PRWEB) , ... April 02, 2020 , ... Medical ... 3:00 p.m. EDT, , What change management method should one ... the method is often dependent on the type of change. Is it due to ...
(Date:4/1/2020)... ... April 01, 2020 , ... “Medical information is considered ... says Keller Grover LLP attorney Eric A. Grover. “For that reason, healthcare ... negligent release and disclosure of medical information can, under certain circumstances, give rise ...
(Date:3/28/2020)... ... March 27, 2020 , ... The construction industry is taking ... the coronavirus. Operating under the designation as an essential business as modified today ... protection projects in the downstate New York region. , While certain projects have ...
Breaking Medicine News(10 mins):