Sign up to save your podcasts
Or
Share Webinar: Security Architecture Views: Protecting Medical Devices Through Strategic Design
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Webinar: Security Architecture Views: Protecting Medical Devices Through Strategic Design
How can security architecture views strengthen a medical device manufacturer’s FDA submissions?
This episode/webinar dives into the four critical security architecture views required by the FDA: global system, multi-patient harm, updatability and patchability, and secure use case views. Christian Espinosa and Trevor Slattery explain how each view strengthens product security while aligning with regulatory expectations. They also share practical strategies and examples, from cloud environments to physical updates, highlighting how proper documentation and foresight can mitigate real-world risks.
Highlights:
(01:19) Learn why the FDA requires four specific security architecture views and how they support threat modeling.
(03:10) Understand how integrating security into architecture views reflects secure coding and DevSecOps practices.
(04:15) Discover how global regulators beyond the FDA use similar documentation requirements.
(07:52) Explore why global system views must include both software and hardware components as well as data flows.
(11:02) The distinction between global system views and multi-patient harm views.
(14:36) Common vulnerabilities like hard-coded credentials that can lead to multi-patient harm.
(19:18) The risks of over-the-air updates versus physical updates for medical devices.
This episode was brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
This was produced by Story On Media: https://www.storyon.co/
View all episodes
By Blue Goat CyberHow can security architecture views strengthen a medical device manufacturer’s FDA submissions?
This episode/webinar dives into the four critical security architecture views required by the FDA: global system, multi-patient harm, updatability and patchability, and secure use case views. Christian Espinosa and Trevor Slattery explain how each view strengthens product security while aligning with regulatory expectations. They also share practical strategies and examples, from cloud environments to physical updates, highlighting how proper documentation and foresight can mitigate real-world risks.
Highlights:
(01:19) Learn why the FDA requires four specific security architecture views and how they support threat modeling.
(03:10) Understand how integrating security into architecture views reflects secure coding and DevSecOps practices.
(04:15) Discover how global regulators beyond the FDA use similar documentation requirements.
(07:52) Explore why global system views must include both software and hardware components as well as data flows.
(11:02) The distinction between global system views and multi-patient harm views.
(14:36) Common vulnerabilities like hard-coded credentials that can lead to multi-patient harm.
(19:18) The risks of over-the-air updates versus physical updates for medical devices.
This episode was brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
This was produced by Story On Media: https://www.storyon.co/