Blue Goat CyberBlue Goat CyberSMMedical Device Cybersecurity
    K
    Podcast · Episode 58

    How AI Code Security Became a Medical Device Problem with Jun Xiang Tan

    With Jun Xiang Tan - Ten years ago, Singapore's healthcare system got hacked. Patient records were stolen at a national scale. The government responded by building one of the most comprehensive medical device security frameworks in the world. The Cybersecurity Labeling Scheme has four tiers.

    Ten years ago, Singapore's healthcare system got hacked. Patient records were stolen at a national scale. The government responded by building one of the most comprehensive medical device security frameworks in the world.

    The Cybersecurity Labeling Scheme has four tiers. Level one means basic security controls exist. Level four means the device underwent independent code review, has advanced threat detection, and maintains continuous vulnerability management. Hospitals can see exactly what level of security they're getting before they buy.

    Jun Xiang from CareHero explains why this matters, especially now that AI is showing up in medical devices without proper testing. He covers adversarial attacks on medical images, why doctors are uploading patient data to ChatGPT, and what automation bias does to clinical decision making.

    Practical conversation about medical device security in Southeast Asia and what manufacturers need to know about Singapore's approach.

    Episode Breakdown:

    00:01 Welcome

    00:31 Background

    01:09 Military service

    03:09 AI threats

    03:45 23% problem

    04:40 X-rays ChatGPT

    05:43 Attacks

    08:15 Poisoning

    11:30 Hallucinations

    14:20 AI code

    17:45 Vulnerabilities

    20:30 Pair programming

    23:15 Guardrails

    26:40 Automation bias

    28:50 AI scribes

    31:20 Dialects

    34:05 Pre-triage

    36:32 Pricing

    37:25 Pair programmer

    37:40 Human interpretation

    The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry.

    Learn more by visiting https://bluegoatcyber.com

    If you're interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session

    Christian Espinosa is the CEO and Founder of Blue Goat Cyber.

    Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber.

    Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/

    Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/

    Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/

    Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/

    Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

    Ready when you are

    Get FDA cleared without the cybersecurity headaches.

    30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ submissions.