SaMD, Digital Ecosystems and the New Rules for Cybersecurity

Randy Horton
Randy Horton
Published on: September 4th, 2025
Sep 2025 Webinar Banner Post V2

Cybersecurity expectations for medical devices just shifted again. On June 27, 2025, the FDA issued its updated Cybersecurity in Medical Devices guidance, expanding requirements for “cyber devices,” clarifying FDORA §524B obligations, and reinforcing expectations around SBOMs, vulnerability disclosure, and update planning.

If you’ve already been working to meet the FDA’s 2023 requirements, you may be asking: What’s different this time? Where has the FDA provided more clarity? And how can you demonstrate “reasonable assurance of cybersecurity” in a world where software-driven devices now operate as part of larger digital ecosystems that include mobile apps, cloud services, and connected care platforms?

Orthogonal and a panel of experts discussed what’s new in the 2025 guidance, compare it to the 2023 version, and provide practical insights you can apply directly to your regulatory and engineering strategies.

Watch Webinar Recording
Oleg Yusim Headshot

VP, Chief Product Security Officer, Illumina

Oleg Yusim

Oleg Yusim is Vice President and Chief Product Security Officer at Illumina, leading programs that secure genomic technologies. He has held senior security roles at Edwards Lifesciences, Baxter International, VMware, and Motorola Solutions, and is recognized for advancing healthcare cybersecurity and building high-performing teams.

Christian Espinosa Headshot

Founder, Blue Goat Cyber

Christian Espinosa

Christian Espinosa is Founder and CEO of Blue Goat Cyber, helping MedTech manufacturers secure devices and meet FDA and global requirements. A U.S. Air Force veteran and seasoned cybersecurity consultant, he has led organizations through submissions, SBOM documentation, and vulnerability testing with a 100% clearance rate. He is also a best-selling author, keynote speaker, and host of The Med Device Cyber Podcast.

Megan Graham Headshot (1)

VP of Regulatory & Quality, Orthogonal

Megan Graham

Megan Graham is a medical device software and regulatory strategy leader with over 25 years of experience in SaMD, AI/ML governance, and software engineering. At Orthogonal, she guides organizations through FDA clearance, ISO 13485 certification, and AI governance, and co-authored a Nature article on QMS practices in healthcare AI.

Bernhard Kappe

Founder & CEO, Orthogonal

Bernhard Kappe

Bernhard Kappe is Founder and CEO of Orthogonal. For over a decade, he’s led innovation in SaMD, DTx, and connected medical devices. He authored Agile in an FDA Regulated Environment and co-authored AAMI’s cloud computing report. A Penn and Wharton grad, he founded ChiPMA and the Chicago Lean Startup Challenge, helping MedTech firms advance impactful software.

Related Posts

Talk

Medical Device Manufacturers as Providers: A New and Emerging MedTech Model

Talk

Leveraging Automation to Deliver High-Quality MedTech Software

Talk

The Playbook for Running a Multi-Partner Engineering Organization

Talk

Bridging the Gap: SaMD Strategy for Teams Built on Hardware

Back to Insights
BSI ISO 13485 Logo
Terms of Use | Privacy Policy | Careers
All Rights Reserved © 2025 Orthogonal