{"guid":"d52c42a2-6942-5b6e-8d05-f46780bc280c","title":"The ongoing (silent) storm in the medical devices industry and since when cybersecurity is a thing","subtitle":null,"slug":"38c3-the-ongoing-silent-storm-in-the-medical-devices-industry-and-since-when-cybersecurity-is-a-thing","link":"https://events.ccc.de/congress/2024/hub/event/the-ongoing-silent-storm-in-the-medical-devices-industry-and-since-when-cybersecurity-is-a-thing/","description":"Medical technology is a heavily regulated industry and while there are very big name companies with deep pockets, small to medium manufacturers are struggling to keep up with the sheer amount of cybersecurity requirements. On top of all this, the requirements are many, qualified people are rare, and essential dependencies have shown not to be always stable.\n\n- Intro and giving a tangible sense of how heavily regulated is medical device industry\n- Dates and ongoing movements in the industry (eStar evolution, regulatory bodies, manufacturers, notified bodies, security companies, pentest providers)\n- How are the new aspects affecting new products and product updates: SBOM, threat modeling, security risk management\n- The long list of challenges, pitfalls and other fun aspects: legacy, embedded, certifications, SBOMs, CPEs, NVD chaos, risk management, etc.)\n\nLicensed to the public under http://creativecommons.org/licenses/by/4.0","original_language":"eng","persons":["Haitham Abbadi"],"view_count":2093,"promoted":false,"date":"2024-12-29T17:15:00.000+01:00","release_date":"2024-12-30T00:00:00.000+01:00","updated_at":"2026-04-03T13:00:04.225+02:00","tags":["38c3","738","2024","Stage YELL"],"length":3631,"duration":3631,"thumb_url":"https://static.media.ccc.de/media/congress/2024/738-d52c42a2-6942-5b6e-8d05-f46780bc280c.jpg","poster_url":"https://static.media.ccc.de/media/congress/2024/738-d52c42a2-6942-5b6e-8d05-f46780bc280c_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2024/738-d52c42a2-6942-5b6e-8d05-f46780bc280c.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2024/738-d52c42a2-6942-5b6e-8d05-f46780bc280c.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/38c3-the-ongoing-silent-storm-in-the-medical-devices-industry-and-since-when-cybersecurity-is-a-thing","url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_title":"38C3: Illegal Instructions","conference_url":"https://media.ccc.de/public/conferences/38c3","related":[],"recordings":[{"size":55,"length":3631,"mime_type":"audio/mpeg","language":"deu","filename":"38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_mp3-2.mp3","state":"new","folder":"mp3-translated","high_quality":false,"width":0,"height":0,"updated_at":"2025-01-01T21:46:50.375+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/mp3-translated/38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_mp3-2.mp3","url":"https://media.ccc.de/public/recordings/83940","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":37,"length":3631,"mime_type":"audio/opus","language":"deu","filename":"38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_opus-2.opus","state":"new","folder":"opus-translation","high_quality":false,"width":0,"height":0,"updated_at":"2025-01-01T21:44:56.055+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/opus-translation/38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_opus-2.opus","url":"https://media.ccc.de/public/recordings/83937","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":205,"length":3631,"mime_type":"video/webm","language":"eng-deu","filename":"38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-01-02T00:25:40.055+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/webm-sd/38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_webm-sd.webm","url":"https://media.ccc.de/public/recordings/84301","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":588,"length":3631,"mime_type":"video/webm","language":"eng-deu","filename":"38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-01-02T00:25:32.309+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/webm-hd/38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_webm-hd.webm","url":"https://media.ccc.de/public/recordings/84300","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":55,"length":3631,"mime_type":"audio/mpeg","language":"eng","filename":"38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2025-01-01T21:47:36.833+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/mp3/38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_mp3.mp3","url":"https://media.ccc.de/public/recordings/83941","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":33,"length":3631,"mime_type":"audio/opus","language":"eng","filename":"38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2025-01-01T21:46:45.873+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/opus/38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_opus.opus","url":"https://media.ccc.de/public/recordings/83939","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":181,"length":3631,"mime_type":"video/mp4","language":"eng-deu","filename":"38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-01-01T21:45:03.421+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/h264-sd/38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_sd.mp4","url":"https://media.ccc.de/public/recordings/83938","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":1572,"length":3631,"mime_type":"video/mp4","language":"eng-deu","filename":"38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2024-12-30T17:14:04.874+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/h264-hd/38c3-738-eng-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing_hd.mp4","url":"https://media.ccc.de/public/recordings/83480","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":1402,"length":3631,"mime_type":"video/mp4","language":"deu","filename":"38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2024-12-30T17:13:26.225+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/h264-hd/38c3-738-deu-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing.mp4","url":"https://media.ccc.de/public/recordings/83479","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"},{"size":1402,"length":3631,"mime_type":"video/mp4","language":"eng","filename":"38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2024-12-30T17:12:47.938+01:00","recording_url":"https://cdn.media.ccc.de/congress/2024/h264-hd/38c3-738-eng-The_ongoing_silent_storm_in_the_medical_devices_industry_and_since_when_cybersecurity_is_a_thing.mp4","url":"https://media.ccc.de/public/recordings/83478","event_url":"https://media.ccc.de/public/events/d52c42a2-6942-5b6e-8d05-f46780bc280c","conference_url":"https://media.ccc.de/public/conferences/38c3"}]}