This master thesis delves into the field of cybersecurity in the context of Internet of Medical Things (IoMT) devices, particularly focusing on wearable sensor devices used in diapers and used by individual with incontinence. The study made use of the new NIS 2 Directive’s recommendation of utilizing the ENISA Risk Assessment Framework for critical infrastructure. By conducting a review of industry reports and academic research, the study identified various challenges and regulatory risks associated with Internet of Medical Things (IoMT) devices. Existing security standards and recommendations were carefully analyzed and integrated into a comprehensive risk assessment framework. The ENISA risk assessment methodology was then implemented within a health products manufacturing company, specifically evaluating risks in its Cyber-Physical Systems (CPS). The effectiveness of the methodology was assessed and compared to the ISO 14971 framework currently utilized by the company. The implementation of the ENISA framework reveals the identification of additional assets and threats, showcasing its superiority over ISO 14971 in terms of comprehensiveness and necessary steps for conducting a robust risk assessment. The study acknowledges limitations arising from restricted data availability and suggested future research to refine and validate the methodology. Overall, this research significantly contributed to enhancing the security of IoMT devices and advocated for the adoption of robust cybersecurity practices in the healthcare industry.