Sign up to save your podcasts
Or
Share Why Cybersecurity and Quality Are One and the Same
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Why Cybersecurity and Quality Are One and the Same
How can medical device startups avoid missteps in cybersecurity, quality, and compliance?
In this episode, Trevor Slattery speaks with Ashkon Rasooli about the intersection of quality systems and cybersecurity in medical devices. They unpack why treating cybersecurity as a bolt-on checklist is ineffective and even dangerous. They also discuss regulatory realities, risk management frameworks, and how early-stage teams can avoid costly pitfalls by planning smarter from the start.
Ashkon Rasooli is the CEO of EnGenius Solutions, a boutique consulting firm focused on medical device software development. With a background in both hands-on coding and compliance, Ashkon helps medtech startups navigate quality systems and regulatory strategy.
Key points:
(0:31) Why Regulations and Cybersecurity Are Intertwined
* How EnGenius helps small medtech companies plan early.
* Challenging the idea that cybersecurity and QMS are separate disciplines.
(7:12) Planning Cybersecurity Early
* Business model, product design, and geography all shape your compliance path.
(12:16) Culture Over Checklists in MedTech Security
* Ashkon’s “Non-BS Manifesto” based on Agile principles.
* Real-world examples of ransomware causing patient harm.
(20:38) Why Probabilistic Risk Scoring Falls Short
* How exploitability trumps probability in FDA guidance.
* How cybersecurity attackers differ from typical safety failures.
(28:14) Planning Compliance
* Dick Cheney’s pacemaker becomes a cautionary tale of targeted threats.
Thanks to Ashkon Rasooli for being on the show. Connect with him: https://www.linkedin.com/in/ashkonrasooli
Check out EnGenius Solutions: https://www.engeniussolutions.com
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/
View all episodes
By Blue Goat CyberHow can medical device startups avoid missteps in cybersecurity, quality, and compliance?
In this episode, Trevor Slattery speaks with Ashkon Rasooli about the intersection of quality systems and cybersecurity in medical devices. They unpack why treating cybersecurity as a bolt-on checklist is ineffective and even dangerous. They also discuss regulatory realities, risk management frameworks, and how early-stage teams can avoid costly pitfalls by planning smarter from the start.
Ashkon Rasooli is the CEO of EnGenius Solutions, a boutique consulting firm focused on medical device software development. With a background in both hands-on coding and compliance, Ashkon helps medtech startups navigate quality systems and regulatory strategy.
Key points:
(0:31) Why Regulations and Cybersecurity Are Intertwined
* How EnGenius helps small medtech companies plan early.
* Challenging the idea that cybersecurity and QMS are separate disciplines.
(7:12) Planning Cybersecurity Early
* Business model, product design, and geography all shape your compliance path.
(12:16) Culture Over Checklists in MedTech Security
* Ashkon’s “Non-BS Manifesto” based on Agile principles.
* Real-world examples of ransomware causing patient harm.
(20:38) Why Probabilistic Risk Scoring Falls Short
* How exploitability trumps probability in FDA guidance.
* How cybersecurity attackers differ from typical safety failures.
(28:14) Planning Compliance
* Dick Cheney’s pacemaker becomes a cautionary tale of targeted threats.
Thanks to Ashkon Rasooli for being on the show. Connect with him: https://www.linkedin.com/in/ashkonrasooli
Check out EnGenius Solutions: https://www.engeniussolutions.com
The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com
If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session
Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber.
Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/
Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/
Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/
Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/
Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber
Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9
Feedback? Questions? Contact: https://bluegoatcyber.com/contact/
Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/
Christian Espinosa on YouTube: http://www.youtube.com/@ChristianEspinosaOfficial
The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast.
Subscribe via Spotify: https://spoti.fi/3XX95g0
Subscribe via Apple Podcasts: https://apple.co/483OJ9I
Subscribe via YouTube: https://www.youtube.com/@BlueGoatCyber/podcasts
This episode was produced by Story On Media: https://www.storyon.co/