Skip to main content
    Back to episode
    Episode 21 · August 26, 2025 · 43m listen · 7,485 words · ~37 min read

    Integrating Project Management to Strengthen Cybersecurity Outcomes with Steve Curry | Ep. 34 - Full Transcript | The Med Device Cyber Podcast

    Read the complete, searchable transcript of Episode 21 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.

    Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.

    Episode summary

    In this episode of the Med Device Cyber Podcast, host Christian Espinosa, a Project Management Professional (PMP) himself, interviews Steve Curry, the founder of Mustard Seed, a firm dedicated to improving project management within the life sciences. The central theme of the discussion is the critical intersection of project management, cybersecurity, and medical device innovation. Both Espinosa and Curry argue that many of the challenges MedTech innovators face, particularly roadblocks related to cybersecurity, could be mitigated by adopting a structured project management framework from the outset, rather than treating these crucial areas as afterthoughts. Steve Curry shares his extensive background, explaining how he transitioned from the high-stakes defense industry to the MedTech sector. He details his experience managing multi-billion dollar, firm-fixed-price helicopter programs, an environment where rigorous project management was not just a best practice but a necessity to prevent catastrophic failures and massive financial losses. Upon moving into the sciences, Curry noticed that these disciplined project management principles were often neglected, presenting a significant opportunity to help innovators improve their execution. This led him to establish Mustard Seed, a company whose name serves as an analogy: like a tiny mustard seed growing into a large tree, a small, well-implemented project management plan can yield an immense positive impact. Curry's company now consists of a team of project managers who support MedTech, biotech, and pharma companies in their developmental efforts, helping them navigate the complexities of bringing a product to market efficiently. The main argument of the episode is that proactive planning is essential for success. Both speakers emphasize the mantra, "plan the work, then work the plan." They discuss the common failure of MedTech startups to integrate cybersecurity into their initial project plans, which often results in costly delays and redesigns just before pre-market submission. Curry advocates for creating a comprehensive, executable plan, such as an Integrated Master Schedule, that accounts for all aspects of development, including regulatory and cybersecurity requirements. Tackling the simple, foundational elements of planning early allows teams to build momentum and conserve the energy and resources needed to address the more difficult, unexpected challenges that inevitably arise during development. The conversation also highlights that while various project management software tools exist, the specific tool is less important than the discipline of creating, maintaining, and executing a well-thought-out plan.

    Key takeaways from this episode

    • Applying robust project management principles to MedTech innovation can prevent cybersecurity from becoming a last-minute roadblock that delays time-to-market.
    • Rigorous project management, like that found in the defense industry, is critical in the sciences to effectively manage risk, time, and resources.
    • A core principle for success is to "plan the work, and then work the plan," ensuring all tasks, including cybersecurity, are mapped out from the beginning.
    • Cybersecurity should be treated as an iterative process integrated throughout the entire product development lifecycle, not as a single task to be completed at the end.
    • Founders and CEOs of MedTech startups are often in a tough spot with limited funds, making efficient project execution crucial to conserving capital and avoiding waste.
    • Effective project management is an often-overlooked function that, like a mustard seed, can have an outsized, positive impact on a company's growth and success.
    • The specific project management software used is less important than the actual discipline of creating and adhering to a detailed, comprehensive project plan.

    Full episode transcript

    Page 1 of 9· Paragraphs 1 - 23
    Host: Hi, welcome to another episode of the Med Device Cyber podcast. Today I'm here with a guest Steve Curry. Steve works with project management. And project management is one of my favorite topics. I am a project manager, a PMP myself, project management professional. And I think our lives would greatly improve if we implemented some project management principles in our lives as well as our business and pretty much everything we do. So I'm excited to talk about project management today and tie it to cybersecurity because I feel like if people applied cybersecurity in a project management framework, we wouldn't have as many challenges as we do with medtech innovators getting roadblocked by cybersecurity because they forgot to put it in their project management plan. So welcome to the show, Steve. How's it going today? Guest: Yeah, thanks for uh, having me today, Christian, appreciate it. Excited to be on the podcast and uh, talking to your audience. So thanks for the invite. Host: Awesome. And where are you uh, coming from today? Where you? Guest: I'm based out of Westchester, Pennsylvania, beautiful suburb of uh, Philadelphia. Host: All right, awesome. Yeah, a friend of mine uh, lives in Philadelphia and he says that they grow a lot of mushrooms in Philadelphia. Is that true? Guest: I don't know. I don't know anything about that. Perhaps. Host: All right, cool. Um, and you're with Mustardseed. Can you tell us a little bit about Mustardseed and maybe the name and kind of what, what you do in medtech and a little bit about the background? Guest: Yeah, yeah, absolutely. So I started Mustardseed four years ago with the idea that project management in the sciences needs to be better. So I really cut my teeth in the defense industry working on big uh helicopter programs. Programs that were generally firm fixed price a billion or two billion dollar uh price tags associated with those programs. And so when you have large scale firm fixed price contracts, the project and program management best practices have to be good or else your company might put lives in danger and or, uh, you may have a loss of a couple hundred million dollars on that program, right? So the rigor was uh, was something that I took with me the rest of my career. Left that uh, that industry and went into the sciences um, and in the sciences I noticed project management best practices are infrequently utilized and there was a real opportunity to make a difference for those scientists and innovators that are making a making a huge impact on our on our world. So I wanted to help where I could and so yeah, the last four years, um, we've been uh bringing on uh, project managers and we have been supporting Medtech, biotech and pharma companies in their developmental efforts, and it's been a lot of fun. So, we've got a team of about 15 project managers today supporting uh, a little over a dozen clients in a variety of different ways. Host: Awesome. And where does the company name come from? It's a very unique name. Guest: Yeah, so if you've ever seen mustard seeds, they're about the size of a grain of sand or even smaller. Um, but they can grow as plants to be eight or nine feet tall if properly cared for. And so for me, that was a analogy of project management in the sciences where uh, it's often overlooked, but if you know uh, what you're looking at and properly integrated into your team, uh, it can be a uh, differentiator and an important part of what you're trying to do. Host: Awesome. Is that where mustard comes from? The mustard plants actually? I don't even know. Guest: Yeah, I believe so. Host: Yep. Guest: Okay. Host: Cool. Guest: I'm more of a mayonnaise guy, but uh, Host: Awesome. Guest: yeah. Host: I, I prefer horseradish. I used to live in Illinois where the horseradish capital of the world was. So yeah. Cool. And so you've been, you're, you're originally worked with a DOD, it sounds like with some of the big defense contracting. Uh, a lot of my experience was, was in DOD as well, um, with project management also. What are some of the biggest challenges in medtech when it comes to project management, you feel like? I know you mentioned a lot of people just don't even consider it. Besides that, what are some of the bigger challenges? Guest: Yeah, you're right. The first hurdle is just consideration. so we always say, um, plan the work and work the plan. So I'm not so bothered if you want to put that plan down in Smartsheet or in Microsoft project or Primavera P6 or if you want to draw it in the dirt, uh, it doesn't really matter as long as you think through what needs to happen in what order. Uh, that's really the critical piece there.
    1 / 9