Episode 20 · February 4, 2025 · 30m listen · 4,242 words · ~21 min read
How Trump & RFK Jr Affect AI and Medical Device Cybersecurity Guidelines | Ep. 10 - Full Transcript | The Med Device Cyber Podcast
Read the complete, searchable transcript of Episode 20 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.
Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.
Episode summary
In this episode of The Med Device Cyber Podcast, hosts Christian Espinosa and Trevor Slattery from Blue Goat Cyber delve into the potential impacts of a new Trump administration, along with the influence of figures like Robert F. Kennedy Jr., on the medical device and MedTech cybersecurity landscape. The conversation begins with a lighthearted discussion about a non-FDA regulated wellness patch, which serves as a segue into the complexities and varying levels of governmental oversight in the health industry. The core of the episode centers on the conflicting potential policy directions. On one hand, the Trump administration is generally associated with a push for deregulation and increasing government efficiency by reducing bureaucratic overhead and staffing. On the other hand, figures like RFK Jr. advocate for making medical devices and drugs safer, which would likely necessitate more stringent and complex regulations.
The hosts explore this juxtaposition, questioning how an administration could simultaneously reduce oversight while increasing safety requirements. They argue that this could create a challenging environment for medical device manufacturers, especially smaller startups. Tighter, more complex regulations, even with the goal of increased safety, often translate to longer and more expensive approval processes. This reality could inadvertently favor large, established companies that have the financial runway and dedicated regulatory teams to navigate these hurdles, while potentially stifling innovation from smaller, venture-backed startups that operate on tighter timelines and budgets. The conversation highlights that increased oversight and regulatory hurdles could lead to significant market delays, which startups can ill afford.
Espinosa and Slattery also discuss specific rumored policy changes and their potential ramifications. A major point of concern is the proposal of imposing tariffs of up to 60% on goods imported from China. As a significant portion of medical device components are sourced from China, such a policy would drastically increase manufacturing costs, with the burden ultimately being passed on to healthcare providers and patients. Further, they touch upon the possibility of increased scrutiny on the entire supply chain, which, while beneficial for security, would add another layer of administrative complexity. The hosts also mention rumors about dismantling the Cyber Safety Review Board (CSRB) and the idea of splitting the FDA into specialized agencies for food, drugs, and devices. They conclude with practical advice for manufacturers: focus on getting regulatory submissions right the first time and adopt an agile, "early and often" product development strategy to adapt to potential market and regulatory shifts.
Key takeaways from this episode
A potential new Trump administration might introduce conflicting policies: a drive for deregulation and efficiency clashing with calls for enhanced medical device safety, which implies stricter regulations.
Increased regulatory complexity and oversight could make it more difficult for startups to bring products to market, potentially favoring larger manufacturers with greater resources.
Proposed tariffs of up to 60% on Chinese goods could severely disrupt the medical device supply chain and significantly increase the cost of healthcare technology.
There is speculation that the FDA could be restructured into separate, more specialized agencies for food, drugs, and medical devices, a move with uncertain consequences for efficiency.
The Cyber Safety Review Board (CSRB) might be dismantled, shifting more responsibility for incident response and analysis to the private sector.
The hosts emphasize the importance of getting regulatory submissions right the first time to avoid costly and time-consuming back-and-forths with the FDA.
For startups and innovators, adopting a Minimum Viable Product (MVP) strategy—getting a product to market early and iterating based on user feedback—is a crucial approach to navigate a shifting landscape.
Full episode transcript
Page 1 of 6· Paragraphs 1 - 17
Christian: Hi, welcome back to the Med Device Cyber podcast. Today we're going to be talking about some of the changes that the new administration, the Trump administration and RFK Jr, some of these changes and how they affect the med-tech cybersecurity world.
And there's going to be quite a few of impacts, I think, uh some positive and some negative. So I'm Christian Espinosa, I'm a co-host and we're here with Trevor, our other co-host. How's it going today, Trevor?
Trevor: It's going pretty well. How are you doing today?
Christian: I'm doing good. You know, I'm trying to like fix my vision. I'm sick of wearing these glasses. So I've been putting these like these little things on my back. It's supposed to like, I think it's largely BS. It's like a a patch that's supposedly uh reflects the light off your body back into your body to help your body like self-heal. I don't know how well it's working. It's called LifeWave X39.
I've been doing it for a while but my vision doesn't seem to be getting any better. So it's supposed to fix your vision we'll see. But I noticed, I looked it up, these are not FDA regulated because they're non-invasive I think is why. It's just like, it's like putting a sticker on, you probably it's kind of stupid. I don't know. We'll see if it works.
Trevor: Yeah, it kind of sounds like snake oil, but you never know.
Christian: Well, it's uh sold by a MLM, a multi-level marketing organization, so I I generally think anything sold by an MLM is not legitimate, but that could just be, you know, a fake belief of mine.
Trevor: I'm going to go back and say it's definitely snake oil now.
Christian: Yeah. All right, so what um what do you think are some of the main changes we're going to have because of the new administration with medical devices and specifically medical device cybersecurity?
Trevor: I think it's going to be interesting to see there are a lot of rumors floating around on what may happen or what may not happen. Um I think some of the big things that the Trump administration in general is pushing for is reduction of inefficiencies and trying to sort of minimize where possible.
Um in regards to the FDA, the FDA has their hands in a lot of different areas and so it's a huge agency. Well, a huge agency from the impact, not from the actual size. And so I think there isn't too much more room to drive efficiency with, say, the workforce in the FDA. But a lot of the policies that they're trying to move forward are in an effort to drive efficiency. They want to see a little bit of reduction in some of the bureaucratic processes and a little bit more um, just a little bit more of a smooth process for someone trying to submit into the FDA for a drug or for a device.
I think that from practice, it might be actually more complicated from a regulatory perspective, but I guess there's no way of really knowing until we see where it goes.
Christian: So are you, are you saying that because the Trump administration is like, ironically, anti-government a little bit, they're trying to like cut the the chaff out of the government that we're going to have less oversight?
Trevor: I think that's their intention, but there's a big drive for greater safety in medical devices and drugs, which inherently just leads to tighter and stricter regulations.
Christian: So so, so I was thinking about this uh earlier. We've got Trump that and Musk, Elon that want to like make the government more efficient, but then we've got RFK that wants to make the devices safer, the drugs more safer. So how do we achieve efficiency when we cut, when we want to like cut the staff but also elevate, you know, cyber security and safety and all that? What what do you think about that juxtaposition?
Trevor: I think that is the million dollar question and whoever figures that out figures out a lot of other problems as well. Um I know RFK has said some pretty out there things in the past about the FDA, even going so far as previously saying the FDA should be abolished. So there definitely has to be a middle ground between get rid of it all together and clamp down so much that nobody can get approved.
If these regulations get tighter, my concern is that small manufacturers won't be able to get through. They won't have the runway, like a startup VC backed is going to start burning money trying to get regulatory approval. Where a big medical device company, they don't care if it takes them a year or two years or three years. They can keep on waiting. They have the money, they have that recurring revenue, so it's not as big of a concern to them.