Sign up to save your podcasts
Or
Share FDA Cybersecurity Gets Real with Monica Montañez of NAMSA
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
FDA Cybersecurity Gets Real with Monica Montañez of NAMSA
How have medical device cybersecurity requirements changed since 2023, and what does this mean for your product development?
In this episode, Christian and Trevor welcome Monica Montañez from NAMSA to unpack the evolving landscape of FDA cybersecurity requirements. From new laws introduced in 2023 to the ambiguous language in FDA guidance, they dig into what it really takes to meet expectations for cyber device submissions.
(0:32) NAMSA and Industry Shifts
* Monica introduces NAMSA’s role in regulatory and quality consulting.
(5:12) FDA Guidance vs. Legal Mandate
* The confusion around FDA’s "recommended" language.
* How internet-connectivity defines cyber devices—including USB and Bluetooth.
(12:57) Classifications, Interfaces, and Testing Gaps
* The dangers of assuming interfaces are disabled.
* Why early cybersecurity design is now critical for approval.
(18:08) New Submission Expectations
* What’s now required in a submission: threat models, risk assessments, lifecycle documentation.
* Trevor explains how these requirements balloon documentation to hundreds of pages.
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Thanks to Monica Montañez for being on the show.
Learn more about Monica on NAMSA’s website:
https://namsa.com/expertise/team/monica-r-montanez/
Connect with Monica on LinkedIn: https://www.linkedin.com/in/monica-montanez-ms-rs-rac-cqa-4389336
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/
View all episodes
By Blue Goat CyberHow have medical device cybersecurity requirements changed since 2023, and what does this mean for your product development?
In this episode, Christian and Trevor welcome Monica Montañez from NAMSA to unpack the evolving landscape of FDA cybersecurity requirements. From new laws introduced in 2023 to the ambiguous language in FDA guidance, they dig into what it really takes to meet expectations for cyber device submissions.
(0:32) NAMSA and Industry Shifts
* Monica introduces NAMSA’s role in regulatory and quality consulting.
(5:12) FDA Guidance vs. Legal Mandate
* The confusion around FDA’s "recommended" language.
* How internet-connectivity defines cyber devices—including USB and Bluetooth.
(12:57) Classifications, Interfaces, and Testing Gaps
* The dangers of assuming interfaces are disabled.
* Why early cybersecurity design is now critical for approval.
(18:08) New Submission Expectations
* What’s now required in a submission: threat models, risk assessments, lifecycle documentation.
* Trevor explains how these requirements balloon documentation to hundreds of pages.
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Thanks to Monica Montañez for being on the show.
Learn more about Monica on NAMSA’s website:
https://namsa.com/expertise/team/monica-r-montanez/
Connect with Monica on LinkedIn: https://www.linkedin.com/in/monica-montanez-ms-rs-rac-cqa-4389336
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/