Medical devices and medical software are becoming increasingly connected to hospital networks, other medical devices or the Internet. As a result, manufacturers and developers are required to consider cybersecurity from the very early stages of development. This in turn necessitates comprehensive risk management along the entire lifecycle of a device.