Episode 11 · February 4, 2025 · 30m listen · 951 words · ~5 min read
How Trump & RFK Jr Affect AI and Medical Device Cybersecurity Guidelines | Ep. 10 - Full Transcript | The Med Device Cyber Podcast
Read the complete, searchable transcript of Episode 11 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.
Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.
Episode summary
This podcast episode delves into the potential shifts in medical device cybersecurity guidelines and FDA regulations under new administrations, specifically examining the impacts of a possible Trump and RFK Jr. influence. The hosts discuss the anticipated push for efficiency within the FDA, which might lead to a reduction in bureaucratic processes but could also introduce new complexities for regulatory approvals. A key concern highlighted is the potential for increased challenges for small and startup medical device manufacturers due to tighter regulations and longer approval timelines, contrasting with the greater runway available to larger, established companies. The conversation also explores the implications of potential tariffs on Chinese components, increased scrutiny of the medical device supply chain, and the future of semiconductor manufacturing in the US. The hosts touch upon the controversial idea of abolishing or restructuring the FDA into separate entities for food, drugs, and medical devices. This episode offers valuable insights for product security teams, regulatory leads, and engineers looking to understand and prepare for upcoming changes in the MedTech cybersecurity landscape. It emphasizes the importance of proactive regulatory planning and the "early and often" approach for manufacturers to navigate these evolving challenges effectively.
Key takeaways from this episode
The Trump administration's focus on efficiency could streamline some FDA processes, but also create new regulatory complexities for medical device approvals.
Small and startup medical device manufacturers may face significant delays and increased costs due to potential stricter regulations and tariffs, unlike larger, more established companies.
Proposed tariffs on Chinese components and increased scrutiny of the supply chain will likely raise the cost of innovation and device acquisition.
The effectiveness of government entities like the FDA and TSA is often debated, with discussions around privatizing certain functions and the need for greater transparency.
Manufacturers should prioritize proactive regulatory planning and adopt an 'early and often' development approach to navigate evolving cybersecurity guidelines and potential FDA delays.
Considering the potential for changes in FDA leadership and structure, medical device companies must remain agile and adaptable to new regulatory environments.
Full episode transcript
Page 1 of 2· Paragraphs 1 - 7
Hi, welcome back to The Med Device Cyber Podcast. Today, we're going to be talking about some of the changes that the new administration, the Trump administration, and RFK Jr. may bring, and how they affect the MedTech cybersecurity world. There are going to be quite a few impacts—some positive and some negative. I'm Christian Espinosa, a co-host, and we're here with Trevor, our other co-host. How's it going today, Trevor?
It's going pretty well. How are you doing today? I'm doing good. You know, I'm trying to fix my vision. I'm sick of wearing these glasses, so I've been putting these little things on my back. It's supposed to reflect light off your body back into your body to help your body self-heal. I don't know how well it's working. It's called LifeWave X39. I've been doing it for a while, but my vision doesn't seem to be getting any better. We'll see if it works. I noticed they're not FDA regulated because they're not invasive, I think. It's like putting a sticker on you, probably. It's kind of stupid. We'll see if it works.
Yeah, it kind of sounds like snake oil, but you never know. Well, it's sold by an MLM, a multi-level marketing organization, so I generally think anything sold by an MLM is not legitimate. But that could just be a fake belief of mine. I'm going to go back and say it's definitely snake oil now. All right, so what do you think are some of the main changes we're going to have with the new administration, with medical devices, and specifically medical device cybersecurity?
I think it's going to be interesting to see. There are a lot of rumors floating around on what may happen or what may not happen. I think some of the big things that the Trump administration, in general, is pushing for is the reduction of inefficiencies and trying to minimize where possible. In regards to the FDA, the FDA has their hands in a lot of different areas. It's a huge agency—huge from the impact, not from the actual size. So I think there isn't too much more room to drive efficiency with, say, the workforce in the FDA, but a lot of the policies that they're trying to move forward are in an effort to drive efficiency. They want to see a little bit of reduction in some of the bureaucratic processes and a little bit more of a smooth process for someone trying to submit into the FDA for a drug or for a device. I think that in practice it might be actually more complicated from a regulatory perspective, but I guess there's no way of really knowing until we see where it goes.
So are you saying that because the Trump administration is ironically anti-government, they're trying to cut the chaff out of the government, that we're going to have less oversight? I think that's their intention, but there's a big drive for greater safety in medical devices and drugs, which inherently leads to tighter and stricter regulations. I was thinking about this earlier. We've got Trump and Elon Musk that want to make the government more efficient, but then we've got RFK that wants to make devices and drugs safer. So how do we achieve efficiency when we want to cut staff but also elevate cybersecurity and safety?
I think that is the million-dollar question, and whoever figures that out figures out a lot of other problems as well. I know RFK has said some pretty out-there things in the past about the FDA, even going so far as previously saying the FDA should be abolished. So there definitely has to be a middle ground between getting rid of it altogether and clamping down so much that nobody can get approved. If these regulations get tighter, my concern is that small manufacturers won't be able to get through. They won't have the runway. A startup will start burning money trying to get regulatory approval where a big medical device company doesn't care if it takes them a year or two or three years. They can keep on waiting; they have the money and recurring revenue, so it's not as big of a concern to them. But again, it's still up in the air. I think the next six months to a year will be a little bit more telling on exactly where that goes.
Yeah, I think the delay to market, or if there are additional requirements, that's going to make it much more difficult for a startup, as you mentioned, because they're dependent on rounds of funding. The other thing I think is impactful is Trump wants to put up to 60% tariffs on China, and I think a lot of the components for medical devices come from China. This is obviously going to increase the cost of innovation and the cost of acquiring the device once it's on the market. What do you think about that impact? Do you think that's actually going to happen, or do you think that's another one of these rumors?