Blue Goat Cyber logoBlue Goat CyberSMMedical Device Cybersecurity
    K
    Podcast · Episode 70

    Why MedTech Needs Specialists with Zoltan Kevei and Saby Toth of Bishop & Co

    With Zoltan Kevei - Medical software is still underestimated by teams that think generic engineering habits will carry over cleanly into a regulated environment. They do not. The work gets harder when requirements, traceability, security, testing discipline, and approval timelines all collide. A stronger strategy starts earlier, uses spec

    Christian Espinosa, Founder & CEO at Blue Goat Cyber

    By Christian Espinosa, MBA, CISSP

    Founder & CEO · Blue Goat Cyber

    Listen now

    Key takeaways

    • The EU Medical Device Regulation (MDR) and In Vitro Diagnostic Regulation (IVDR) have created significant bottlenecks, making the US FDA approval process a more predictable initial market for many MedTech companies.
    • Artificial Intelligence serves as an efficiency tool for experienced software engineers but does not substitute for human expertise in MedTech development.
    • Over-reliance on AI without expert human oversight can lead to inefficiencies and flaws in code, emphasizing the need for a seasoned developer's guidance and validation.
    • Successful MedTech product development requires a collaborative team of specialized experts in regulatory affairs, software engineering, and cybersecurity.
    • Addressing regulatory compliance and cybersecurity early in the development cycle is crucial to avoid costly delays and rework.
    • Mislabeling simple algorithms as AI to attract investors can introduce unnecessary regulatory scrutiny and complexity for MedTech products.
    • Specialized knowledge in medical software development and regulatory affairs is essential due to the nuanced requirements of the MedTech industry.

    Medical software is still underestimated by teams that think generic engineering habits will carry over cleanly into a regulated environment. They do not. The work gets harder when requirements, traceability, security, testing discipline, and approval timelines all collide.

    A stronger strategy starts earlier, uses specialists sooner, and avoids making AI or code velocity the headline when architectural quality and compliance readiness are what determine whether a product can truly ship.

    Notable quotes

    “The EU was considered easier for market entry previously. Now, with the new regulations, it takes anywhere from 9-13 months, sometimes even two years, to get approval.”
    - Szabolcs Tóth
    “AI is a powerful tool, like a power drill for a carpenter. It makes you more efficient, but it does not make a novice into a carpenter.”
    - Szabolcs Tóth
    “If you rely too heavily on AI without expert oversight, it can lead you into the deep forest, creating inefficient or flawed code that costs a lot to fix.”
    - Zoltan Kevei
    “Bringing a product to market successfully takes a village.”
    - Zoltan Kevei

    Frequently asked questions

    More episodes

    Ready when you are

    Get FDA cleared without the cybersecurity headaches.

    30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ FDA submissions.