Bootcamp Begins In
Threat Modeling for Technical and Regulatory Professionals
MDIC and Shostack + Associates have come together to offer the Medical Device Threat Modeling Bootcamp. This learning opportunity is a five-day intensive workshop on managing cybersecurity risks in medical devices and diagnostics.
The Bootcamp will be held the week of December 12th.
During the Bootcamp you will:
- Participate in 2-hour Instructor-led virtual discussions daily (9-11am Pacific)
- Participate in 1-hour group work daily (11-12am Pacific)
- Complete approximately 1-hour of individual assignments and video lessons daily
- Welcome and intros
- Hands on Threat Modeling
- Structures we use in threat modeling
- System models
- System models
- STRIDE threats
- STRIDE Threats
- Assessing work
- Kill chains
- Kill chains
- bringing to our work
Why is Medical Device Cybersecurity Threat Modeling Important?
Every participant receives
printed and electronic copies of:
Slidebook (125 pages, spiral bound)
Elevation of Privilege game
Threat modeling stencil
Why The Medical Device Threat Modeling Bootcamp is The Learning Opportunity for You
"One of the top professional development courses in my 35+ year career. - Charles F."
Which virtual meeting platform is used for the Instructor-led discussions?
Instructor-led discussions are conducted via Zoom. The best way to utilize Zoom is with the installed desktop client. Zoom can be used in your browser without losing access to any of the features used in class.
Where do I go to access the video lessons?
Video lessons are hosted here in our Learning Management System. Once you enroll you will find the course in your Student Dashboard. We have structured the course so that each video and assignment you need to complete is found in the chapter for the day in which it is due.
When will I be able to access the video lessons?
We make all digital course materials available the week prior to the Bootcamp, and they remain available to learners for 30 days after the course.
What else do I need in order to participate in the bootcamp?
1) We use Slack for course communications. You will be able to Join Slack using a link found in the First Actions chapter. 2) We use Miro as a collaborative tool. You can create a free Miro account here: https://miro.com The free (3 drawing) version is fine for the class, as is the web version. That is, you don’t need to install their software as a local app. 3) We use Google Docs as a collaborative tool to record group session notes. 4) You should have a good microphone and camera so that you can fully participate in the instructor-led and group work. Headphones may be useful if you are in an environment with background noise.
Who is providing the training?
1) MDIC is the promoting agency who is hosting the Bootcamp. 2) Our lead Instructor is Adam Shostack, a leading expert on threat modeling. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft. His accomplishments include: Helped create the CVE. Now an Emeritus member of the Advisory Board; Fixing Autorun for hundreds of millions of systems; Lead the design and delivery of the Microsoft SDL Threat Modeling Tool (v3); Created the Elevation of Privilege threat modeling game; Wrote Threat Modeling: Designing for Security; Co-authored The New School of Information Security. 3) Adam will be supported by Threat Modeling Professionals with Medical Device experience and knowledge.
What if the physical materials do not arrive before the bootcamp?
The physical materials are “nice-to-haves” and not required for the training itself. The materials necessary for the class (Course Slide Book and Exercise Book) are also found in the learning management system (LMS). They can be downloaded in their entirety as PDFs. The slides will appear on screen in the video lessons and during live discussion. Exercises are also individually placed as lesson modules in the LMS at the appropriate places for a streamlined independent-study learning journey. The primary purpose of the physical materials is to provide a resource for continued study and reference as participants integrate threat modeling into their daily activities.
Who do I reach out to with questions?
You can reach out with questions and issues at Classhelp@shostack.org