The European health care system is moving toward personalised, distributed, and home-based services. This is made possible via newand improved connected medical devices (MDs) and in vitro diagnostic devices connected to the internet (together, CMDs), and willbenefit health care providers in terms of reduced cost (fewer hospital beds) and improved service. Patients will see improved quality oflife in terms of reduced travel time and reduced stress via treatment at home or where they want it. However, for these benefits to be fullyrealised, the cybersecurity of CMDs needs to be ensured. NEMECYS will benefit practitioners such as cybersecurity communities, MDmanufacturers, CMD scenario system integrators and CMD scenario operators (e.g. health care providers), with downstream benefitsto patients and the wider public, through more cost-effective and efficient care enabled via effective and streamlined cybersecurity.NEMECYS helps practitioners to (1) comply with MD regulations; (2) to be able to apply proportionate MD cybersecurity (too littlesecurity risks exposure, too much is costly and can obstruct clinical care) and (3) build in cybersecurity by design for both MDs andthe connected scenarios they operate in. This is achieved by (1) providing recommendations for best practice and guidelines for MDcybersecurity by design, along with compliance assurance tooling; (2) providing a risk-benefit scheme to address cybersecurity riskbalanced with clinical benefit; and (3) providing a set of specific tools to address MD cybersecurity by design and their deployment inconnected scenarios. The NEMECYS team has cybersecurity risk experts, two hospitals who are already implementing IoT and remotecare-based scenarios, three medical device manufacturers, major computer science research players and experienced systems integrators.This team is ideally placed to ensure that NEMECYS can enable practitioners to apply the right security at the right place, at low cost.