Reviewed by Christian Espinosa, MBA, CISSP · Founder & CEO
Published March 2026 · Last reviewed May 2026
The Med Device Cyber Podcast · with Marc Zemel · March 1, 2026 In this episode of The Med Device Cyber Podcast, Marc Zemel, co-founder and CEO of Rhae Medical, shares insights from his 15 years in MedTech, transitioning from a mechanical engineer at MIT to leading a medical device company. He discusses the evolution of medical technology, from bulky ECG leads to compact smartphone-integrated devices, and introduces Rhae Medical's Argos Infinity, an advanced hemodynamic monitoring platform. Zemel emphasizes the critical importance of embedding cybersecurity into the culture of medical device development from the outset, highlighting the pitfalls of a "move fast and break things" mentality in a field where patient safety is paramount. The discussion covers the significant challenges medical device manufacturers face with FDA submissions due to inadequate cybersecurity preparedness, noting that cybersecurity is the number one reason for FDA rejections. Zemel advocates for a proactive approach to cybersecurity, emphasizing robust architecture, penetration testing, and continuous validation. The conversation also delves into the future of wearables, raising concerns about their current unregulated status, data privacy, and the potential for these devices to evolve into "clinical grade" tools, necessitating stricter regulations and validation standards.
Key Takeaways
- Rhae Medical's Argos Infinity platform demonstrates the evolution of medical technology from invasive procedures to data-driven, non-invasive patient monitoring, offering an early warning system for cardiovascular issues.
- Cybersecurity must be integrated into the medical device development culture from the start, as a reactive approach leads to significant delays and regulatory hurdles.
- The FDA increasingly scrutinizes cybersecurity, with inadequate preparedness being the primary cause of medical device submission rejections, underscoring the need for comprehensive documentation and testing.
- Unlike consumer tech, medical device development requires meticulous validation and a departure from the 'move fast and break things' ethos due to direct patient safety implications.
- The future of wearables in healthcare necessitates a reevaluation of current regulations, data privacy, and validation standards to ensure their safe and effective integration into clinical practice.
- Medical device manufacturers must prioritize robust cybersecurity architecture and penetration testing to gain trust from hospital IT departments and ensure timely product adoption.
Listen on mdcpodcast.com · Watch on YouTube
Listen to this episode
Want help applying this to your own device program?
Blue Goat Cyber is a specialist medical device cybersecurity firm: 250+ FDA submissions, zero rejections. If anything in this conversation hit close to home, book a 30-minute strategy session - no cost, no obligation.