Sign up to save your podcasts
Or
Share When Cybersecurity Becomes a Crime
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
When Cybersecurity Becomes a Crime
What happens when cybersecurity flaws in medical devices cross the line into criminal violations?
In this episode, Christian and Trevor unpack the groundbreaking case of Illumina, where cybersecurity misrepresentation led to Department of Justice enforcement. They explore how this signals a shift from technical risks to legal and patient safety consequences, highlighting the dangers of cutting corners in device development. The conversation also outlines practical lessons for manufacturers on integrating secure product development, anticipating FDA deficiencies, and aligning business functions with cybersecurity goals.
Key points:
(00:02) Misrepresenting cybersecurity controls in medical devices can lead to legal prosecution under the DOJ’s civil cyber fraud initiative.
(04:28) Regulatory enforcement is evolving beyond HIPAA into direct patient safety risks.
(06:05) Medical device cybersecurity differs from information privacy laws, especially with potential patient harm.
(08:30) The Illumina case involved a whistleblower, FDA oversight, and DOJ enforcement.
(10:54) Ignoring internal warnings about device vulnerabilities led to legal consequences.
(13:44) Security by design must be integrated early to avoid costly retrofits.
(16:46) Cybersecurity is recognized as a clinical risk tied to patient mortality.
(19:12) Manufacturers are adopting secure product development frameworks earlier in the lifecycle.
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/
View all episodes
By Blue Goat CyberWhat happens when cybersecurity flaws in medical devices cross the line into criminal violations?
In this episode, Christian and Trevor unpack the groundbreaking case of Illumina, where cybersecurity misrepresentation led to Department of Justice enforcement. They explore how this signals a shift from technical risks to legal and patient safety consequences, highlighting the dangers of cutting corners in device development. The conversation also outlines practical lessons for manufacturers on integrating secure product development, anticipating FDA deficiencies, and aligning business functions with cybersecurity goals.
Key points:
(00:02) Misrepresenting cybersecurity controls in medical devices can lead to legal prosecution under the DOJ’s civil cyber fraud initiative.
(04:28) Regulatory enforcement is evolving beyond HIPAA into direct patient safety risks.
(06:05) Medical device cybersecurity differs from information privacy laws, especially with potential patient harm.
(08:30) The Illumina case involved a whistleblower, FDA oversight, and DOJ enforcement.
(10:54) Ignoring internal warnings about device vulnerabilities led to legal consequences.
(13:44) Security by design must be integrated early to avoid costly retrofits.
(16:46) Cybersecurity is recognized as a clinical risk tied to patient mortality.
(19:12) Manufacturers are adopting secure product development frameworks earlier in the lifecycle.
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://open.spotify.com/show/5ol62ROdF6mBfwOFqKFHmh
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/