Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

A Practical Guide to Operationalizing the FDA's 2023 Cybersecurity Requirements

Join our webcast with Matt Twells to understand the impact of the FDA's HR.2617 legislation on medical device cybersecurity, learn how to build a robust plan, address vulnerabilities, manage supply chain risks, and anticipate future trends.

The FDA's new 2023 legislation, HR.2617, section 524B, has set the stage for stringent cybersecurity requirements for medical devices that will almost certainly apply to your organization in some way.

Join our webcast to hear Matt Twells, Senior Solutions Architect, demystify the new legislation, which imposes stringent cybersecurity requirements for medical devices. Whether you're a healthcare provider, handle private healthcare information, or manufacture medical devices, this talk is essential for understanding and navigating the new regulatory landscape and equip attendees with practical knowledge that they can apply within their organizations.

Key takeaways:

  • Understanding the implications of HR.2617, section 524B and its impact on medical device manufacturers
  • Building a robust cybersecurity plan that includes threat modelling and secure design practices
  • Addressing post-market vulnerabilities, with a focus on wireless, Bluetooth, and IoT security weaknesses
  • Implementing strategies for managing technical supply chain risks and staying updated with the cybersecurity landscape
  • Crafting a comprehensive process for assuring device/system security, including the use of Software Bills of Materials (SBOMs)
  • Anticipating future trends and challenges, with a look ahead to the forthcoming GAO report


  • 03:51 - Introduction
  • 6:22 -  Background on HR.26.17, Section 524B
  • 20:28 - New Expectations from the FDA
  • 39:26 - Becoming the Pacesetter: Operationalizing
  • 1:03:18 - Looking Ahead: The GAO Report

Matt Twells

About the speaker, Matt Twells

Senior Solutions Architect

Matthew Twells is a Senior Solutions Architect at Bishop Fox focused on technical scoping of client engagements, training and development, and sales enablement. He graduated from the University of Reading in Reading, England with a B.A. (Hons) in Economics, and has spent time working in the British Army as a Secure Communications Engineer, working with the National Health Service as part of the Cyber Defense Operations Center (CDOC) team during the COVID-19 pandemic and subsequently in a variety of cybersecurity consulting, technical project management, internal audit, and penetration testing roles over the last 7 years.

More by Matt

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.