SaMD, Digital Ecosystems and the New Rules for Cybersecurity

Randy Horton
Randy Horton
Published on: September 4th, 2025
Sep 2025 Webinar Banner

Cybersecurity expectations for medical devices just shifted again. On June 27, 2025, the FDA issued its updated Cybersecurity in Medical Devices guidance, expanding requirements for “cyber devices,” clarifying FDORA §524B obligations, and reinforcing expectations around SBOMs, vulnerability disclosure, and update planning.

If you’ve already been working to meet the FDA’s 2023 requirements, you may be asking: What’s different this time? Where has the FDA provided more clarity? And how can you demonstrate “reasonable assurance of cybersecurity” in a world where software-driven devices now operate as part of larger digital ecosystems that include mobile apps, cloud services, and connected care platforms?

Join Orthogonal and a panel of experts as we break down what’s new in the 2025 guidance, compare it to the 2023 version, and provide practical insights you can apply directly to your regulatory and engineering strategies.

What We’ll Cover:

  •  Key updates in the June 2025 guidance and how they impact upcoming submissions
  • What FDORA §524B means for “cyber devices,” plus the documentation FDA now expects
  • Expanded requirements for SBOMs, vulnerability disclosure, and update planning so you can avoid review delays
  • How FDA will evaluate “reasonable assurance of cybersecurity” both for stand-alone devices and for products embedded within digital ecosystems of healthcare and consumer technologies
  • Practical steps to incorporate these changes into development, QMS, and compliance workflows

Who Should Attend?

  • Regulatory & Quality Leaders – Anticipate evolving compliance requirements before they create bottlenecks.
  • Executives & Business Leaders – Understand the business risks of non-compliance and the resources needed to stay ahead.
  • Product & Engineering Cybersecurity Teams – Learn how to adapt development practices without slowing innovation.

Don’t get caught off guard. Register today to gain expert insights that will help your team stay compliant, secure, and ready for a connected future.

Register for Cybersecurity Webinar
Oleg Yusim Headshot

VP, Chief Product Security Officer, Illumina

Oleg Yusim

Oleg Yusim is Vice President and Chief Product Security Officer at Illumina, leading programs that secure genomic technologies. He has held senior security roles at Edwards Lifesciences, Baxter International, VMware, and Motorola Solutions, and is recognized for advancing healthcare cybersecurity and building high-performing teams.

Christian Espinosa Headshot

Founder, Blue Goat Cyber

Christian Espinosa

Christian Espinosa is Founder and CEO of Blue Goat Cyber, helping MedTech manufacturers secure devices and meet FDA and global requirements. A U.S. Air Force veteran and seasoned cybersecurity consultant, he has led organizations through submissions, SBOM documentation, and vulnerability testing with a 100% clearance rate. He is also a best-selling author, keynote speaker, and host of The Med Device Cyber Podcast.

Megan Graham Headshot (1)

VP of Regulatory & Quality, Orthogonal

Megan Graham

Megan Graham is a medical device software and regulatory strategy leader with over 25 years of experience in SaMD, AI/ML governance, and software engineering. At Orthogonal, she guides organizations through FDA clearance, ISO 13485 certification, and AI governance, and co-authored a Nature article on QMS practices in healthcare AI.

Randy Horton, VP of Solutions and Partnerships, Orthogonal

Chief Solutions Officer, Orthogonal

Randy Horton

Randy Horton, Chief Solutions Officer at Orthogonal, helps MedTech firms speed up SaMD, DTx, and connected device development by merging modern software practices with regulatory focus. He co-chairs AAMI’s Cloud Computing Working Group and contributes to key reports on cloud-based medical devices. A frequent speaker, he presents at events by AdvaMed, AAMI, RAPS, HLTH, and HFES.

Related Posts

Talk

Medical Device Manufacturers as Providers: A New and Emerging MedTech Model

Talk

Leveraging Automation to Deliver High-Quality MedTech Software

Talk

The Playbook for Running a Multi-Partner Engineering Organization

Talk

Bridging the Gap: SaMD Strategy for Teams Built on Hardware

Back to Insights
BSI ISO 13485 Logo
Terms of Use | Privacy Policy | Careers
All Rights Reserved © 2025 Orthogonal