Advisory board
CYLCOMED’s Advisory Board has four renowned experts from a variety of organisations and research institutions, all active players in related areas who have agreed to contribute their time. The AB offers support on state-of-the-art analyses as valuable inputs for EC policy impacts and future priorities and provides recommendations on the current European landscape.
Initial Advisory Board members are:

Juan Carlos Muria-Tarazon
University Professor – Applied Research & Knowledge Transfer – Strategy-aligned innovation, AI & cybersecurity, Universitat Politècnica de València
With over 20 years of experience in healthcare IT, Juan Carlos Muria-Tarazon has led transformation projects in areas like EHR, interoperability, cybersecurity, and advanced analytics. His focus is on making healthcare systems more sustainable, accessible, and value-driven. He combines strategic consulting with hands-on expertise in AI risk, IT governance, and digital health innovation. As an educator and writer, he helps bridge technology and management in the health sector. His work is driven by the belief that digital tools should serve both professionals and patients.
How do you see the role of manufacturers, healthcare providers, and regulators evolving in ensuring the cybersecurity of CMDs?
In Europe’s environment, where cybersecurity is becoming more and more essential, only the manufacturers that are cybersecurity-aware by default will survive in the market in the near future. Cybersecurity shall be part of product quality and patient safety requirements.
Looking ahead, what emerging technologies or approaches do you think will have the most impact on strengthening the cybersecurity of CMDs?
The most important approach isn’t new: collaboration strengthens security, while the lack of it weakens it. Sharing information about threats and effective measures is key. As for emerging technologies, AI can help with early attack detection, but AI-driven attacks will also pose new cybersecurity challenges.
From patients’ perspective, what should be the most urgent concerns or expectations regarding the cybersecurity of CMDs?
Patients expect their personal and health data to be protected and confidential. Medical devices should be no exception. Any breach or loss of access can undermine trust in both the healthcare system and the welfare state that supports it.
How can EU-led initiatives better support collaboration and knowledge sharing on cybersecurity threats and incidents impacting CMDs?
I believe that ENISA and the bodies defined under the NIS2 Directive, such as the CSIRT network, the Single Point of Contact, the Cooperation Group, and even EU-CyCLONe, are all designed to foster information sharing and collaboration. This spirit of cooperation has always been a core European value. However, I think the EU should make a greater effort to communicate these initiatives more rapidly and clearly, and to ensure consistent compliance by Member States.

Magdalena Mycek
Chief Specialist, Poland Ministry of Health, Department of e-Health
Ms. Mycek is an expert at the Polish Ministry of Health, currently working in the Department of E-Health, where she contributes to the implementation of the National Recovery and Resilience Plan (KPO). She has over a decade of experience in public health policy, international cooperation, and medical devices. She previously served as Deputy Director in the Department of Drug Policy and Pharmacy, and engaged in international cooperation projects. During the Polish Presidency of the Council of the EU, she was responsible for the priority topic of cybersecurity of medical devices.
During our recent workshop, you emphasised the importance of raising awareness of EU-funded projects such as CYLCOMED. In your view, what would be the most effective ways to ensure that national ministries and other relevant stakeholders are informed and engaged?
Beneficiaries should put significant effort into the dissemination of the results of their own projects by trying to reach the ministries concerned. National governments are usually unaware of projects being implemented in the territory of Member States. In reality, the results could be valuable for health policy directions and have an impact on the decisions and positions taken, also at EU level.
From your perspective, what is currently the most pressing challenge in ensuring cybersecurity for medical devices, particularly in the context of rapidly evolving digital health technologies?
I would strongly argue that we need to unify the set of requirements concerning cybersecurity of medical devices among the NBs, give it a strong foundation in the binding law and preferably align it with CRA cybersecurity obligations. This would simplify the process for the manufacturers, healthcare providers and patients, boosting confidence towards the connected medical devices.
Could you share some of the key priorities currently guiding the work of EU health ministries, especially in relation to e-health, digital innovation, or patient safety?
We all try to follow the direction of simplifying the regulations, while trying to maintain a certain, necessary level of requirements. Cutting the red tape is a good direction, and we try to accommodate our undertakings in the cybersecurity domain in this context, to show the benefits to the manufacturers of structured and streamlined processes.
How can projects like CYLCOMED ensure that their results are not only visible, but also usable and scalable within national healthcare systems such as Poland’s?
First of all, projects like CYLCOMED deliver real-world experience of what works and what does not, and where to find room for improvement. Most of the topics are co-regulated at the EU level, which is why it is so important to stay in touch with national decision makers.

Evangelos Markatos
Professor of Computer Science at the University of Crete, Head of the DCS Lab at ICS-FORTH
Evangelos Markatos is a Professor of Computer Science at the University of Crete. He earned his diploma in Computer Engineering from the University of Patras, followed by an MSc and PhD in Computer Science from the University of Rochester. He is the founding head of the Distributed Computing Systems and Cybersecurity Laboratory at FORTH-ICS, where his research focuses broadly on computer systems, with particular emphasis on network security, privacy, and cybercrime.
He has served as a member of both the Permanent Stakeholders Group of ENISA (European Union Agency for Cybersecurity) and the Academic Advisory Network of Europol’s European Cybercrime Centre (EC3). He currently sits on the Advisory Group on Research and Development of Europol’s EC3, on the European Commission’s Health Cybersecurity Advisory Board and on the Strategic Research and Innovation Agenda Board of ECSO (European Cyber Security Organisation).
Professor Markatos has led numerous European cybersecurity initiatives. He was the founding coordinator of SysSec, the European Network of Excellence in Threats and Vulnerabilities for the Future Internet, comprising eight core partners and over 70 associated partners, co-funded by the European Commission. He also coordinated NoAH, a project that deployed one of Europe’s largest academic honeypot networks. Additionally, he has been the founding member of SENTER, the European Network of National Centers of Excellence in Cybercrime Research, Training, and Education.
He has co-authored over 150 publications in leading conferences and journals, including ACM SOSP, ACM SIGMETRICS, IEEE HPCA, ACM/IEEE ToN, IEEE JSAC, USENIX Security, and INFOCOM. His work has received over 9,500 citations, with an h-index of 50, according to Google Scholar. Professor Markatos is also a recipient of the prestigious Pichorides Teaching Award, the highest undergraduate teaching honor at the University of Crete.
As your work focuses on data science, could you share what the key challenges with working with patient data are?
Privacy:
Patient data represent some of the most sensitive information in existence, encompassing personal identifiers, medical histories, and genetic details. Protecting this data is not only an ethical imperative but also a legal one, governed by strict regulations such as the GDPR in Europe and HIPAA in the United States. Ensuring compliance requires rigorous control over how data are collected, stored, accessed, and shared. For data scientists, this creates a constant tension between the need for rich, detailed datasets to drive meaningful insights and the obligation to protect individual privacy. Techniques such as data anonymization, pseudonymization, and federated learning are increasingly being adopted to allow analysis without compromising confidentiality, but they also introduce additional technical and operational complexity.
Security:
Healthcare systems have become prime targets for cyberattacks due to the high value of medical data and the critical nature of healthcare services. Ensuring end-to-end security is therefore essential. A single breach can jeopardise not only data integrity but also patient safety and institutional trust. The challenge lies in safeguarding data across highly interconnected environments that often include legacy systems, third-party integrations, and remote access points. Achieving this requires a combination of robust encryption, real-time threat monitoring, access control, and continuous vulnerability assessment, all supported by a culture of cybersecurity awareness across the healthcare workforce.
How does data science help identify security threats or system failures in a project such as CYLCOMED?
Anomaly Detection:
Machine learning and advanced analytics enable systems to establish a baseline of what constitutes “normal” behaviour across medical devices, healthcare networks, and user interactions. By continuously monitoring activity patterns, these models can detect subtle deviations that may signal a cyber intrusion, system malfunction, or misuse of resources. When anomalies are identified, the system can automatically flag or isolate affected components in real time, allowing for rapid investigation and mitigation. Over time, as more data are collected, these models can learn and adapt, refining their understanding of evolving behaviours and reducing false alarms.
Threat Intelligence:
Data science enhances cybersecurity by integrating internal system data with external threat intelligence sources to provide a holistic view of potential risks. By correlating signals such as irregular device behaviour, unusual network traffic, or suspicious access attempts with known threat indicators (such as malicious IP addresses), data-driven systems can uncover complex or coordinated cyberattacks that would otherwise remain hidden.
What excites you most about the integration of data science and cybersecurity?
Opportunities:
The increasing availability and granularity of data present unprecedented opportunities to strengthen cybersecurity in healthcare and other critical domains. Data science enables a much deeper and more dynamic understanding of system behaviour, user activity, and emerging threats. By continuously analysing logs, device telemetry, and network traffic, we can move from a fragmented view of isolated events to a comprehensive, data-driven picture of cybersecurity posture. This improved situational awareness allows for faster identification of vulnerabilities, more accurate detection of abnormal activity, and better prioritisation of security resources.
From Reactive to Proactive Security:
Traditionally, cybersecurity has been largely reactive, i.e. focused on responding to breaches after they occur. With the integration of data science, this paradigm is shifting toward a proactive and predictive model. By analysing historical incidents, threat intelligence feeds, and behavioural trends, data-driven systems can identify early warning signals of potential attacks and anticipate where vulnerabilities may arise. This predictive capability allows organisations to take preventive action before an actual attack takes place. In other words, data transforms cybersecurity from a process of response into one of anticipation and resilience.
How can medical data science support anomaly detection and system resilience in a project such as CYLCOMED?
By analysing the wide range of data produced in healthcare, data science helps us understand what “normal” looks like across the system. Using machine learning, it can detect when something deviates from that norm, such as unusual data flows or irregular device communication. These anomalies can then be flagged in real time as potential security threats or system faults, allowing for rapid response and prevention. In this way, data science turns complex operational data into actionable insight, strengthening both the security and reliability of healthcare systems.

Bernardo Muñoz
CEO of Medical Online Technology
Bernardo Muñoz currently serves as the chief executive officer of Medical Online Technology, a business that designs clinical information systems and incorporates medical devices into its offerings. He is a lawyer who focuses on certifying medical equipment that is linked to telemedicine software systems. Additionally, he has served as the CEO of other healthcare start-ups. His knowledge covers every angle needed to safely integrate linked medical devices in a hospital setting.
Looking to the future, which emerging technologies or approaches do you believe will have the greatest impact on strengthening the cybersecurity of connected medical devices?
In my opinion, the main approach to strengthening the cybersecurity of connected medical devices is to understand that there are various stakeholders, each with different requirements, who must participate in the shared objective of improving security. This approach should include appropriate and ongoing training for clinicians, as well as the existence of an integrative role that coordinates the functions and requirements of manufacturers, the security team, and the IT department.
How can EU-led initiatives better foster collaboration and knowledge sharing on cybersecurity threats and incidents affecting connected medical devices?
In this regard, I believe the implementation of the EUDAMED vigilance module, scheduled for the second quarter of 2027, will be key. EUDAMED will provide six different modules, with the Post-Market Surveillance and Vigilance module being the one related to cybersecurity and risk management.
Through the Vigilance Module, various reports will be submitted to notify incidents, including:
- Submission of the Periodic Safety Update Report (PSUR)
- Submission of Periodic Summary Reports (PSR)
- Notification of Serious Incidents and Field Safety Corrective Actions (FSCAs), as well as Field Safety Notices (FSNs).
From the patients’ perspective, what should be the most urgent concerns or expectations regarding the cybersecurity of connected medical devices?
In my opinion, the main concern for patients is that no intrusion or attack should occur that could alter readings or settings of connected medical devices, potentially putting their health at risk. There is also the risk of an indiscriminate attack that could halt the functioning of connected medical devices, with the consequent danger for the patient.
The second major concern for patients is the expectation that their data will be securely safeguarded and that any use of it will have the corresponding informed consent. Furthermore, appropriate anonymization techniques should be applied to ensure the original patient cannot be identified.
