Summary
“Cybersecurity is not something you want to try to just throw in at the last minute. Apply a security-by-design approach to incorporate security thinking and process from the earliest stages.”
In this Let’s Talk Risk! conversation, host Naveen Agarwal engages with Jose Bohorquez to discuss the critical intersection of software development, cybersecurity, and risk management in the medical device industry. They explore the importance of mentorship, the challenges faced by startups, and the necessity of integrating cybersecurity from the earliest stages of product development. The conversation emphasizes the need for collaboration and knowledge sharing to navigate the complexities of regulatory requirements and ensure the safety and effectiveness of medical devices.
Listen to the full 30-minute podcast or jump to a section of interest listed below.
Chapters
00:11 Introducing Jose Bohorquez
01:18 The Importance of Mentorship in Digital Health
02:13 Challenges Faced by Startups in Medical Device Software
03:45 Cybersecurity Issues in Medical Devices
05:32 Three-Stage Development Model for Software and Cybersecurity
09:00 Understanding Knowledge Gaps in Cybersecurity
10:31 Best Practices for Secure by Design Approach
14:12 Integrating Safety and Cybersecurity Risk Management
17:35 Collaborating for Integrated Risk Management
20:09 The Interconnection of Cybersecurity and Safety Risks
22:03 Testing for Effectiveness of Security Controls
24:00 Announcements, Key Takeaways and Closing Comments
Suggested links:
LTR: Medical device cybersecurity now more critical than ever.
LTR: It’s time to up our game on medical device cybersecurity.
ACHIEVE: Post-market surveillance workshop.
Key Takeaways
Mentorship is crucial for learning from others' experiences.
Startups often struggle with regulatory requirements in medical devices.
Cybersecurity must be integrated early in the development process.
A three-stage development model helps organize software and cybersecurity efforts.
Knowledge gaps in cybersecurity can lead to significant risks.
Secure-by-design principles are essential for effective risk management.
Collaboration between teams is vital for successful product development.
Verification and testing are critical components of cybersecurity.
Understanding vulnerabilities is key to managing risks effectively.
The longer you wait to address cybersecurity, the more difficult it becomes.
Keywords
Risk management, cybersecurity, software bill of materials, software development, medical devices, digital health, mentorship, secure by design, product lifecycle, collaboration, verification
About Jose Bohorquez, Ph.D.
Jose Bohorquez is the President of CyberMed, where he provides cybersecurity consulting, penetration and fuzz testing, and FDA documentation for medical device manufacturers. He also serves as President at Bold Type, specializing in medical device software development. He holds a Ph.D. in Electrical Engineering and Computer Science from MIT, and an MS in Electrical Engineering from the University of Florida. In addition to his professional activities, he mentors digital health startups at Endless Frontier Labs, a 9-month program at NYU Stern School of Business.
Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.
Disclaimer
Information and insights presented in this podcast are for educational purposes only and are not legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.
Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.