Medical devices Incident Response: Basics
RCCE students will learn medical device cybersecurity including FDA premarket and postmarket guidance, medical device network security, legacy device protection, clinical network segmentation, and healthcare IoT security.

RCCE students will learn to assess medical device cybersecurity risks in clinical environments, implement network segmentation to isolate medical devices from general IT networks, manage legacy medical device vulnerabilities without disrupting patient care, comply with FDA cybersecurity guidance and HIPAA security requirements, monitor medical device communications for anomalies, coordinate vulnerability disclosure with device manufacturers, and respond to cybersecurity incidents affecting medical devices while maintaining patient safety.

This incident response course prepares students to act decisively during security incidents with structured workflows and clear decision frameworks. Building on core knowledge, RCCE students will learn containment, evidence collection, eradication, and recovery procedures specific to this domain. Students practice incident scenarios that build the composure, coordination, and documentation skills essential for effective incident handling.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Medical devices Incident Response: Basics
- Build detections and response workflows for privilege escalation
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn
- Execute hands-on tasks for domain & level — covering Domain: OT Security | Foundations.
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for unique challenges
- Execute hands-on tasks for regulatory drivers — covering Implantable devices, Life-critical operations.
- Execute hands-on tasks for medical device categories & cyber risk
- Execute hands-on tasks for device class
- Execute hands-on tasks for network exposure
- Execute hands-on tasks for risk level
- Execute hands-on tasks for diagnostic imaging
| Module 01 | Medical Devices Incident Response: |
| Module 02 | Course Overview |
| Module 03 | What You Will Learn |
| Module 04 | Domain & Level |
| Module 05 | Learning Objectives |
| Module 06 | Unique Challenges |
| Module 07 | Regulatory Drivers |
| Module 08 | Medical Device Categories & Cyber Risk |
| Module 09 | Device Class |
| Module 10 | Network Exposure |
| Module 11 | Risk Level |
| Module 12 | Diagnostic Imaging |
| Module 13 | Why Medical Devices Are High-Risk Targets |
| Module 14 | Patient Data Value |
All hands-on labs run on Rocheston Rose X OS. Students practice the material of Medical devices Incident Response: Basics by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Build detections and response workflows for privilege escalation
- Lab 2: Explain Course Overview fundamentals
- Lab 3: Execute hands-on tasks for what you will learn
- Lab 4: Execute hands-on tasks for domain & level
- Lab 5: Execute hands-on tasks for learning objectives
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Medical devices Incident Response: Basics, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI