The Importance of Iterative Cybersecurity in Medtech with Christian Espinosa

Download Transcript

In this Episode

• 01:05 The Importance of Early Cybersecurity Involvement
• 03:22 Real-World Consequences of Cybersecurity Oversights
• 09:10 Iterative Approach to Cybersecurity
• 12:06 Integrating Security into Development Processes
• 15:30 Emotional Intelligence in Cybersecurity
• 22:43 Identifying Key Stakeholders in Cybersecurity

Quotes From This Episode

Imagine working four years on this product and then at the very end when you think you’re about to get approved, have all these cybersecurity challenges come up. Our company feels guilty telling these innovators about all these problems because I know the position they’re in. So I’m trying to like educate the industry to come talk to us earlier, right? So they can avoid these scenarios.

Christian Espinosa

The sooner we can check on things, then we can find stuff and the code can be fixed, and then we check on it again a quarter later in an iterative manner versus a two month window, which it seems like people are trying to do with cybersecurity like they do with everything else that incorporates the submission. So I think that’s one of the biggest hurdles is getting the regulatory affairs people and other people in the industry educated that this really should be iterative.

Christian Espinosa

Everyone starts off with their best intentions for a product from a software development perspective, but then all of a sudden their deadline keeps getting moved forward. So they’re like, okay, we have to cut corners on certain things and just get it done. And I think that worked in the past before the new guidance, but now because of all this rigor the FDA requires, those corners you cut are gonna be found out, and that’s what’s causing all of the problems.

Christian Espinosa