Blue Goat Cyber logoBlue Goat CyberSMMedical Device Cybersecurity
    K
    Podcast · Episode 39

    Medical Device Startups and Cybersecurity Challenges with Suzy Engwall

    With Suzy Engwall - What are some of the greatest challenges medical device startups face when bringing their products to market? This episode features Suzy Engwall, a healthcare innovation consultant with experience mentoring startups and guiding hospitals.

    Christian Espinosa, Founder & CEO at Blue Goat Cyber

    By Christian Espinosa, MBA, CISSP

    Founder & CEO · Blue Goat Cyber

    Listen now

    Key takeaways

    • Cybersecurity is no longer an afterthought for medical device startups; it is a critical requirement for both FDA approval and hospital procurement.
    • An overwhelming 93% of medtech startups fail, primarily due to a lack of product-market fit and an underestimation of the complexities of healthcare market adoption.
    • Successful medical device adoption in hospitals requires navigating lengthy buying cycles, internal politics, and value analysis committees, which often supersede individual physician champions.
    • The risks associated with medical device cybersecurity extend beyond data breaches to include patient safety threats, such as malicious alteration of a device's core functionality.
    • Hospitals are increasingly implementing their own cybersecurity standards, which can be more rigorous than the FDA's regulations, creating additional hurdles for manufacturers.
    • Innovators must consider the entire healthcare ecosystem, including regulatory pathways, reimbursement models, and clinical workflows, from the initial stages of design.
    • The integration of AI in medical devices introduces new challenges, particularly regarding liability, blurring the lines of responsibility between physicians, AI developers, and healthcare institutions.
    • Early engagement with the FDA is crucial for startups to understand regulatory claims and cybersecurity hurdles.

    What are some of the greatest challenges medical device startups face when bringing their products to market?

    This episode features Suzy Engwall, a healthcare innovation consultant with experience mentoring startups and guiding hospitals. She joins Christian Espinosa and Trevor Slattery to discuss the hidden roadblocks medical device innovators face - from funding gaps to internal hospital politics to overlooked cybersecurity. Together they unpack the realities of FDA compliance, AI-driven decision support, and why raising cybersecurity awareness early can mean the difference between market success and failure.

    Suzy Engwall is a healthcare innovation leader who’s spent the last 20 years shaking up hospitals and mentoring startups. She runs HealthTech Strategies, where she helps founders, investors, and clinicians bridge the gap between big ideas and practical adoption.

    Key points:

    (04:38) Challenges MedTech startups face include funding, go-to-market strategy, and regulatory hurdles, with cybersecurity often overlooked.

    (05:56) Why 93% of med tech startups fail.

    (08:01) How internal politics within hospitals can derail promising innovations.

    (09:32) Hospitals now scrutinize devices for cybersecurity risk beyond FDA approval, raising the bar for manufacturers.

    (12:19) Legacy devices often fail modern cybersecurity requirements, forcing redesigns and frustrating manufacturers.

    (16:43) AI in diagnostics: who’s responsible when mistakes occur?

    (23:24) Why patients rarely question medical devices.

    (31:28) Why cybersecurity is often the last thing innovators ask about - and why that mindset must change.

    Notable quotes

    “Cybersecurity is one that I don't think that startups think about as much as they should. And it is a challenge because it's something that for certain products, you're going to have to have it for FDA approval.”
    - Suzy Engwall
    “I often see people that have issues where maybe they have like a great physician champion who's really kind of working the system to get them in, and then it's been six months, and they're waiting and waiting, and it's close, and then that physician leaves and goes somewhere else, and all of a sudden, everything just gets dropped, and you kind of have to start over.”
    - Suzy Engwall
    “This product is great, but it's going to cost me billable visits, so I probably won't adopt it. And I love the level of honesty, but it also is a sad thing to hear.”
    - Suzy Engwall
    “Cybersecurity is often an afterthought for medtech startups but has become a critical and non-negotiable requirement for both FDA approval and hospital procurement.”
    - Suzy Engwall

    Frequently asked questions

    Bring this work to your device

    Need help with fda postmarket cybersecurity?

    Blue Goat Cyber delivers fda postmarket cybersecurity services for medical device manufacturers - from threat modeling to FDA-ready reports.

    FDA Postmarket Cybersecurity Services

    More on FDA Postmarket Cybersecurity

    Ready when you are

    Get FDA cleared without the cybersecurity headaches.

    30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ FDA submissions.