The Med Device Cyber Podcast

Blue Goat Cyber
  • 5.0 (2)
  • LIFE SCIENCES
  • UPDATED WEEKLY

In a time where healthcare and technology are deeply intertwined, understanding medical device cybersecurity is not just important—it's essential. Welcome to The Med Device Cyber Podcast, your go-to resource for understanding the complexities of this critical field of cyber security. As the definitive podcast on medical device security, we explore everything from identifying and mitigating vulnerabilities to navigating this ever-evolving regulatory landscape. Hosted by Christian Espinosa, Founder & CEO of Blue Goat Cyber, and Trevor Slattery, Director of Medical Device Cybersecurity, each episode features expert insights into the latest cybersecurity threats, innovative solutions, and best practices for protecting the medical devices that are at the heart of modern healthcare. Whether you're a healthcare provider, a device manufacturer, a cybersecurity professional, or just someone looking to learn about the importance of cybersecurity in human lives, this podcast empowers you with the knowledge and tools to ensure patient safety and secure the future of medical technology. This podcast is brought to you by Blue Goat Cyber, specializing in providing elite cybersecurity solutions.

  1. The Hidden Cybersecurity Challenges in Software as a Medical Device

    5D AGO

    The Hidden Cybersecurity Challenges in Software as a Medical Device

    Marc Zemel has been building Retia Medical for 15 years. The company started as two guys with slides and licensed technology. Now their data-driven hemodynamic monitoring technology for consistently accurate cardiac output measurements in high-risk surgical and critically ill patients is in 75 hospitals across 18 countries, sold by Medtronic in the U.S, and the company is preparing to launch their new product Argos Infinity, pending FDA clearance. But getting here meant dealing with cybersecurity challenges that Marc didn't see coming. In this conversation, he talks about what actually slowed them down, what he wishes he'd done differently, and why building a proper quality system from day one would have saved him years of pain. Retia Medical develops algorithms that monitor cardiovascular function. Their technology detects problems before blood pressure drops, which makes it valuable in operating rooms and ICUs. Nurses have gotten so attached to their monitors that they literally hug them because the devices help them do their jobs better. Marc walks through the specific cybersecurity issues that surprised him. Like how software as a medical device comes with ongoing compliance costs that hardware doesn't have. Or how documentation requirements kept changing as the FDA updated its expectations. Or how retrofitting cybersecurity into an existing product is way more expensive than building it in from the start. He also shares his philosophy on building companies. He doesn't focus on exits or acquisition targets. He focuses on building something people can't live without. When the product is that good, the rest takes care of itself. If you're building a medical device startup or dealing with FDA submissions, this is a conversation worth hearing. Episode Breakdown: 00:00 Introduction 00:32 Where everyone's calling from 02:54 Marc's background and journey into medtech 04:33 What Retia Medical does 07:00 Blood flow vs blood pressure 09:45 Software vs hardware as a medical device 12:30 Cybersecurity challenges 15:20 Documentation nightmares 18:45 Quality systems and why they matter early 22:10 FDA submissions over 15 years 25:30 The cost of retrofitting cybersecurity 28:50 Software updates and compliance 32:15 Build to be bought, not to be sold 37:32 What acquirers look for 39:02 Product market fit: Nurses hugging monitors 41:14 Wearables and future regulations The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and Founder of Blue Goat Cyber. Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: a href="https://www.instagram.com/bluegoatcyber/" rel="noopener noreferrer"...

    42 min
  2. Why Your Cloud Platform Decision Could Destroy Your Global Market Strategy

    JAN 30

    Why Your Cloud Platform Decision Could Destroy Your Global Market Strategy

    Thinking about taking your medical device to China? Or maybe you're a Chinese company looking at the American market? William Jin has spent over 30 years helping companies do exactly that, and he'll tell you straight up that most of them aren't ready. Not because they lack good products, but because they didn't think about cybersecurity early enough. William was trained as a medical doctor in Shanghai, then moved into the medtech industry working for companies like McCulloch and Stryker. Now he helps businesses on both sides of the Pacific figure out how to actually get their products approved and sold in each other's markets. The problems he sees are surprisingly similar whether you're going East or West. In this conversation, William walks through the real barriers to global expansion. We're talking about practical stuff like why using Google Cloud can completely block you from the Chinese market, how data sovereignty laws affect AI-powered devices, and why that Baxter ventilator recall should matter to everyone building connected medical devices. If you're in medtech and thinking about international markets, this is the reality check you need. William's advice is simple but critical: plan for your target markets before you start building. Otherwise, you'll spend millions redesigning later, or worse, you'll realize you can't enter those markets at all. Episode Breakdown: 00:00 The costly mistake of not planning for global markets early 00:44 Meet William Jin: Medical doctor turned medtech market strategist 03:15 What's really stopping Chinese companies from entering Western markets 07:20 Why Chinese medtech exports to the U.S. dropped while Europe increased 11:40 The Google Cloud problem nobody warns you about 15:50 How China's data regulations affect your algorithms and cloud architecture 19:30 Reverse engineering your markets: Start with the end in mind 23:00 Where Chinese companies dominate and where they struggle internationally 26:45 The Baxter recall that was really about cybersecurity 28:50 Why cybersecurity product recalls are fundamentally different 29:20 William's final advice for medtech innovators 29:40 Wrapping up: Design to disposal, not as an afterthought The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and Founder of Blue Goat Cyber. Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: a href="https://www.facebook.com/bluegoatcyber/" rel="noopener noreferrer"...

    30 min
  3. How to Avoid the 3 Biggest Mistakes in Medtech Startups

    JAN 14

    How to Avoid the 3 Biggest Mistakes in Medtech Startups

    Ever thought about what it really takes to launch a successful medtech startup? Omar M. Khateeb knows the challenges firsthand. As a founder with a track record of building healthtech companies, he’s lived through the hurdles that come with innovating in the medtech space. In this episode, Omar dives into the highs and lows of his entrepreneurial journey, sharing key lessons, pivotal moments, and the strategies that helped him succeed. From tackling complex healthcare issues to navigating the regulatory maze, Omar breaks down what it takes to make a lasting impact in medtech. Join us for an inside look at the future of health tech and why it’s the perfect time for the next generation of entrepreneurs to get involved. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

    53 min
  4. Untangling Software Composition Analysis for MedTech Teams

    JAN 6

    Untangling Software Composition Analysis for MedTech Teams

    Why does software composition analysis matter beyond regulatory compliance? This episode explores SCA (Software Composition Analysis) and explains how SBOMs (Software Bill of Materials), SOUP (Software of Unknown Provenance), and related tooling fit into the broader medical device cybersecurity landscape. Christian and Trevor clarify common misconceptions, including licensing fears, machine-readable requirements, and the role of static testing tools. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

    29 min
  5. When Medical Device Cyber Failures Become Fatal

    12/30/2025

    When Medical Device Cyber Failures Become Fatal

    What past ransomware and medical device incidents might reveal gaps that manufacturers are still overlooking today? In this episode, Christian and Trevor examine real incidents where cybersecurity failures, software flaws, and insecure medical devices led to patient harm and death. They break down how ransomware attacks, implantable device vulnerabilities, and AI-driven therapies expose life-critical risks in healthcare. The conversation highlights why regulators are increasing scrutiny and why cybersecurity must be treated as a patient-safety imperative, not an afterthought. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 This episode was produced by Story On Media: https://www.storyon.co/

    25 min
  6. Trevor Slattery Answers Tough Medical Device Cyber Questions

    12/23/2025

    Trevor Slattery Answers Tough Medical Device Cyber Questions

    This episode puts Trevor in the hot seat. If you were put in the hot seat, could you clearly explain cybersecurity, safety, and lifecycle terms like Trevor? In this rapid-fire episode, Christian fires questions at Trevor about essential medical device cybersecurity concepts and standards. Together, they clarify how risk management, secure development, and lifecycle thinking intersect across safety, quality, and security. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 This episode was produced by Story On Media: https://www.storyon.co/

    23 min
  7. The Differences Between Black, Grey, and White Penetration Testing

    12/16/2025

    The Differences Between Black, Grey, and White Penetration Testing

    MedTech developers, do you know which penetration testing methodology the FDA actually prefers for medical device submissions? In this episode, Christian and Trevor explain the differences between black, grey, and white box penetration testing and how each impacts the completeness and realism of cybersecurity assessments. They highlight why regulators increasingly expect deeper testing supported by source-code-level insights. They also outline the risks, costs, and delays manufacturers face when choosing insufficient testing approaches during FDA submission. Key points: (01:25) Learn how black box testing mimics an attacker with no prior knowledge. (06:27) How grey box testing blends limited credentials, architecture insight, and direct communication with engineers to expand visibility. (08:29) Why white box testing includes access to full documentation, processes, and source code. (10:20) How attacker timeframes differ from tester timeframes. (11:29) How the FDA’s static analysis, SBOM, and risk evaluation requirements tie naturally into white box testing workflows. (15:06) Learn why choosing black box testing to save money often results in higher total costs after FDA rejection. (17:47) Hear why “buy once, cry once” applies to penetration testing. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 This episode was produced by Story On Media: https://www.storyon.co/

    20 min
  8. How Cybersecurity Shapes Regulatory and Quality Success with Jim Goodmiller

    12/09/2025

    How Cybersecurity Shapes Regulatory and Quality Success with Jim Goodmiller

    What risks do you take when cybersecurity is left off your development roadmap? In this episode, Christian, Trevor and guest Jim Goodmiller explore how cybersecurity intersects with regulatory expectations and quality systems, creating new challenges and opportunities for medtech innovators. Jim helps to explain why founders must integrate cybersecurity from concept through commercialization, especially as FDA scrutiny increases. Key points:  00:48 Why cybersecurity now influences every part of the regulatory landscape. 04:48 How technologies can create serious safety and compliance risks when not fully vetted. 10:45 Cybersecurity as a mandatory component of regulatory planning. 14:52 The need for iterative penetration testing  22:16 Challenges of upgrading legacy devices 25:37 Avoiding serious legal consequences. 29:29 Preparing a complete roadmap for investor confidence  40:08 The role of communication The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com  If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session  Thanks to Jim Goodmiller for being on the show.  Connect with Jim on LinkedIn: https://www.linkedin.com/in/jimgoodmiller/  Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.  Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/  Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9  Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/  Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/  Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/  Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1  Feedback? Questions? Contact: https://bluegoatcyber.com/contact/  Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/  Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial  The Med Device Cyber Podcast is...

    45 min
See All (68)

Ratings & Reviews

5
out of 5
2 Ratings

About

In a time where healthcare and technology are deeply intertwined, understanding medical device cybersecurity is not just important—it's essential. Welcome to The Med Device Cyber Podcast, your go-to resource for understanding the complexities of this critical field of cyber security. As the definitive podcast on medical device security, we explore everything from identifying and mitigating vulnerabilities to navigating this ever-evolving regulatory landscape. Hosted by Christian Espinosa, Founder & CEO of Blue Goat Cyber, and Trevor Slattery, Director of Medical Device Cybersecurity, each episode features expert insights into the latest cybersecurity threats, innovative solutions, and best practices for protecting the medical devices that are at the heart of modern healthcare. Whether you're a healthcare provider, a device manufacturer, a cybersecurity professional, or just someone looking to learn about the importance of cybersecurity in human lives, this podcast empowers you with the knowledge and tools to ensure patient safety and secure the future of medical technology. This podcast is brought to you by Blue Goat Cyber, specializing in providing elite cybersecurity solutions.

Information

  • Creator
    Blue Goat Cyber
  • Years Active
    2024 - 2026
  • Episodes
    68
  • Rating
    Clean
  • Copyright
    © Copyright 2026 Blue Goat Cyber
  • Show Website
    The Med Device Cyber Podcast