The Med Device Cyber Podcast

What MedTech Can Learn from the Casino Industry with Melissa Aarskaug | Ep 75

41 min · 25. juni 2026
episode What MedTech Can Learn from the Casino Industry with Melissa Aarskaug | Ep 75 cover

Description

For years, cybersecurity has been viewed as an IT responsibility. Today's threat landscape demands something very different. In this episode of the Med Device Cyber Podcast, Christian Espinosa is joined by Melissa Aarskaug, a cybersecurity executive with extensive experience protecting highly regulated industries, including banking and casino gaming. Melissa shares lessons from an industry where operations run 24 hours a day, every day of the year, and where even a few minutes of downtime can have enormous financial consequences. The conversation explores why attackers increasingly target regulated industries, how cyber resilience differs from compliance, and why cybersecurity has evolved into a leadership issue rather than simply an IT function. Melissa explains why organisations should focus less on preventing every possible attack and more on ensuring the business can continue operating when incidents occur. Christian and Melissa also discuss how medical device manufacturers can learn from the gaming industry's approach to resilience, the growing role of AI in both cyber defence and cybercrime, why cybersecurity should be integrated into quality management systems, and how leadership teams can better prioritise cyber risk across their organisations. Whether you're a MedTech founder, cybersecurity professional, healthcare leader, or product developer, this episode offers practical insights into building more resilient organisations in an increasingly connected world. Episode Breakdown * 00:00 Introduction * 01:09 Lessons from protecting the gaming industry * 01:58 Why attackers target regulated industries * 05:22 Cybersecurity is about pressure, not industries * 06:07 Compliance versus cyber resilience * 08:08 Medical devices and connected ecosystems * 12:29 The famous fish tank cyberattack * 15:03 FDA expectations versus hospital expectations * 16:04 AI, cyber maturity and the future of security * 17:25 Four priorities every leader should focus on * 21:24 Why penetration tests often fail to create change * 24:38 FDA compliance and designing security from the beginning * 26:48 Cyber insurance isn't a silver bullet * 32:21 Cybersecurity is becoming part of quality * 33:26 Why cybersecurity is moving beyond IT * 37:42 Final thoughts and key takeaways Find Melissa Aarskaug here on LinkedIn: https://www.linkedin.com/in/melissa-aarskaug/ The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

Comments

0

Be the first to comment

Sign up now and become a member of the The Med Device Cyber Podcast community!

Get Started

1 month for 9 kr.

Then 99 kr. / month · Cancel anytime.

  • Podcasts kun på Podimo
  • 20 lydbogstimer pr. måned
  • Gratis podcasts

All episodes

90 episodes

episode From Science Fiction to Visual Prosthesis with Frederik Ceyssens | Ep. 77 artwork

From Science Fiction to Visual Prosthesis with Frederik Ceyssens | Ep. 77

What if a blind person could use a pair of glasses where information is transmitted wirelessly to an implant in the visual cortex, allowing them to perceive shapes, movement, and elements of their surroundings? In this episode of the Med Device Cyber Podcast, Christian Espinosa speaks with Frederik Ceyssens, CEO and co-founder of ReVision Implant, about the development of a visual prosthesis designed to restore useful vision by stimulating the brain directly. Frederik explores why his team chose to bypass the eyes and optic nerve, how flexible electrode arrays can stimulate thousands of points within the visual cortex, and what researchers have learned through long-term animal studies. The conversation also explores the cybersecurity risks surrounding neurotechnology. An attacker could potentially interfere with wireless communication, alter the device’s algorithm, or increase stimulation to unsafe levels. The implant may also remain inside a patient for decades, creating difficult questions about encryption, software updates, and technologies that may become obsolete during the device’s lifetime. In This Episode: * 00:38 Frederik’s background in neural implant research * 02:31 Why ReVision Implant targets the visual cortex instead of the eye * 04:26 Developing flexible brain electrodes through long-term testing * 06:48 Raising €4 million to advance the technology * 07:42 Preparing for the first proof of concept with a human volunteer * 09:24 How the glasses and brain implant work together * 11:04 What vision through the implant may look like * 12:33 Why colour and depth perception remain difficult * 16:16 The cybersecurity implications of a visual prosthesis * 17:43 How an attacker could manipulate the device * 20:25 The hardest parts of developing neurotechnology * 22:42 How the implant was tested using monkeys * 26:12 Designing an implant that can last 15 to 25 years * 28:28 Why today’s encryption may not remain secure for decades * 30:16 Why replacing the implant would require months of rehabilitation * 34:51 How close the technology is to science fiction * 36:07 The next steps towards testing with blind volunteers Find Frederik Ceyssens on Linkedin: https://www.linkedin.com/in/frederikceyssens/ [https://www.linkedin.com/in/frederikceyssens/] Find ReVision Implant at: https://revisionimplant.comhttps://revisionimplant.com [https://revisionimplant.com] The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.comhttps://bluegoatcyber.com [https://bluegoatcyber.com]. If you’re interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-sessionhttps://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session [https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session] Christian Espinosa is the CEO and founder of Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/https://www.linkedin.com/in/christianespinosa/ [https://www.linkedin.com/in/christianespinosa/] Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/https://www.linkedin.com/company/blue-goat-cyber/ [https://www.linkedin.com/company/blue-goat-cyber/] Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/https://www.instagram.com/bluegoatcyber/ [https://www.instagram.com/bluegoatcyber/] Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/https://www.facebook.com/bluegoatcyber/ [https://www.facebook.com/bluegoatcyber/] Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1 [https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1]

Yesterday39 min
episode Building Medical Devices Right the First Time with Helen Souris | Ep 76 artwork

Building Medical Devices Right the First Time with Helen Souris | Ep 76

Bringing an innovative medical device to market takes far more than a great idea. It requires regulatory strategy, cybersecurity, quality systems, and commercial planning from the very beginning. In this episode of the Med Device Cyber Podcast, Christian Espinosa is joined by Helen Souris, CEO of CardiHab and Board Member of the Medical Technology Association of Australia (MTAA), to discuss why so many promising digital health companies struggle when they leave the startup phase and enter the realities of regulation. Helen shares her experience leading a digital therapeutics company, raising investment in Australia, navigating software as a medical device regulations and helping startups avoid costly mistakes that can delay or even derail commercial success. The conversation explores why cybersecurity is becoming a deciding factor in procurement, how founders should think about regulatory strategy before writing a single line of code, why quality management systems cannot be bolted on later, and the real-world consequences of ignoring compliance until it's too late. Whether you're building a medical device, digital therapeutic, AI healthcare platform or connected medical technology, this episode offers practical advice for creating products that are secure, compliant and built to scale. In This Episode: * 00:57 Helen's journey from pharma to digital therapeutics * 04:33 The realities of raising MedTech investment in Australia * 09:06 Why choosing the right investor matters * 13:22 Why many digital health startups misunderstand regulation * 15:21 Why cybersecurity comes up in every customer conversation * 16:15 Why founders still leave cybersecurity until the end * 16:53 Building regulation, quality and cybersecurity from Day One * 18:31 The $93 million company forced to pull its product * 21:09 Explaining medical devices through the user journey * 22:50 The stadium hacking analogy that changes perspectives * 25:13 Why wearables need a medical lens * 26:57 The fake Wi-Fi demonstration everyone should remember * 28:20 Why rebuilding is always more expensive than building properly * 29:30 Christian's biggest takeaways Find Helen Souris here on LinkedIn: https://www.linkedin.com/in/helen-souris/ The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/

10. juli 202631 min
episode What MedTech Can Learn from the Casino Industry with Melissa Aarskaug | Ep 75 artwork

What MedTech Can Learn from the Casino Industry with Melissa Aarskaug | Ep 75

For years, cybersecurity has been viewed as an IT responsibility. Today's threat landscape demands something very different. In this episode of the Med Device Cyber Podcast, Christian Espinosa is joined by Melissa Aarskaug, a cybersecurity executive with extensive experience protecting highly regulated industries, including banking and casino gaming. Melissa shares lessons from an industry where operations run 24 hours a day, every day of the year, and where even a few minutes of downtime can have enormous financial consequences. The conversation explores why attackers increasingly target regulated industries, how cyber resilience differs from compliance, and why cybersecurity has evolved into a leadership issue rather than simply an IT function. Melissa explains why organisations should focus less on preventing every possible attack and more on ensuring the business can continue operating when incidents occur. Christian and Melissa also discuss how medical device manufacturers can learn from the gaming industry's approach to resilience, the growing role of AI in both cyber defence and cybercrime, why cybersecurity should be integrated into quality management systems, and how leadership teams can better prioritise cyber risk across their organisations. Whether you're a MedTech founder, cybersecurity professional, healthcare leader, or product developer, this episode offers practical insights into building more resilient organisations in an increasingly connected world. Episode Breakdown * 00:00 Introduction * 01:09 Lessons from protecting the gaming industry * 01:58 Why attackers target regulated industries * 05:22 Cybersecurity is about pressure, not industries * 06:07 Compliance versus cyber resilience * 08:08 Medical devices and connected ecosystems * 12:29 The famous fish tank cyberattack * 15:03 FDA expectations versus hospital expectations * 16:04 AI, cyber maturity and the future of security * 17:25 Four priorities every leader should focus on * 21:24 Why penetration tests often fail to create change * 24:38 FDA compliance and designing security from the beginning * 26:48 Cyber insurance isn't a silver bullet * 32:21 Cybersecurity is becoming part of quality * 33:26 Why cybersecurity is moving beyond IT * 37:42 Final thoughts and key takeaways Find Melissa Aarskaug here on LinkedIn: https://www.linkedin.com/in/melissa-aarskaug/ The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

25. juni 202641 min
episode The Future of Cardio-Oncology Wearables with Ryan Neely | Ep 74 artwork

The Future of Cardio-Oncology Wearables with Ryan Neely | Ep 74

Cancer treatment is already difficult enough without adding more hospital visits, more testing, and more delays. Yet many cancer therapies carry a significant risk of damaging the heart, forcing patients to undergo regular cardiac screening throughout their treatment journey. What if clinicians could monitor cardiac function with a simple wearable patch instead? In this episode of the Med Device Cyber Podcast, Christian Espinosa sits down with Ryan Neely, co-founder and CEO of Skribe Medical. Ryan shares his journey from neuroscience research and implantable neuroprosthetics to building a company focused on improving cardiac monitoring for cancer patients. The discussion explores the growing field of cardio-oncology and the challenges patients face when cancer treatment depends on frequent cardiac assessments. Ryan explains how Skribe Medical's wearable monitoring platform aims to reduce treatment delays while improving patient convenience through a battery-free, AI-powered patch designed to measure cardiac function. The conversation also takes a deep dive into cybersecurity considerations for connected medical devices. Ryan and Christian discuss common misconceptions about cybersecurity risk, why hospital networks often present greater challenges than home environments, and how device manufacturers should think about security as products evolve from standalone systems to connected healthcare technologies. Finally, the episode explores commercialization, reimbursement models, FDA engagement, and the reality that regulatory clearance is often just one milestone in a much longer journey toward successful adoption. Whether you're a MedTech founder, healthcare innovator, cybersecurity professional, or clinician, this episode offers valuable insights into the intersection of patient care, connected devices, and healthcare innovation. Episode Breakdown * 00:00 – Introduction * 01:53 – The hidden cardiac risks of cancer treatments * 02:58 – Skribe Medical's wearable cardiac monitoring platform * 03:53 – Future applications beyond oncology * 04:45 – Battery-free device design and patient comfort * 06:00 – Remote patient monitoring and reimbursement models * 09:40 – Cybersecurity risks for connected medical devices * 14:06 – Why hospital networks present unique security challenges * 16:02 – FDA cybersecurity expectations and evolving regulations * 19:03 – Regulatory changes and long MedTech development cycles * 21:02 – Commercialization versus FDA approval * 24:13 – AI models and the Predetermined Change Control Plan * 25:55 – The realities of clinical testing and device validation * 28:14 – Final takeaways and lessons learned Find Ryan Neely here on LinkedIn: https://www.linkedin.com/in/ryan-neely-ph-d-14464340/ The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

18. juni 202632 min
episode Navigating U.S. Market Entry for MedTech Developers with JJ Amell | Ep 73 artwork

Navigating U.S. Market Entry for MedTech Developers with JJ Amell | Ep 73

When you develop a groundbreaking medical device, you assume the engineering and clinical data will carry you across the finish line. The legal landscape of U.S. market entry involves layers of corporate traps that most innovators completely overlook. In this episode of the Med Device Cyber Podcast, Christian and Trevor sit down with JJ Amell, the founder of Amell Law, to unpack the complex realities of international corporate structuring, business immigration, and intellectual property protection. JJ shares his unique transition from building computers and working within his father's cardiology practice to guiding international medical technology firms through federal bureaucracy. The trio explores why setting up a basic LLC through automated online legal platforms leaves multi-million dollar startups exposed to catastrophic liability. They break down the tactical timing of securing O-1 founder visas and investor visas before state borders close behind you, and analyze the shifting corporate battleground between Delaware and Texas for control over majority shareholder decisions. The specifics may differ, but the challenge is the same: protecting what you've built. This conversation covers everything from Customs and Border Protection issues to defending service marks against public database scrapers. Episode Breakdown: * 00:00 - Intro * 00:54 - Welcoming MedTech attorney JJ Amell * 03:38 - Solving legal pain points for global innovators * 06:11 - The three pillars of U.S. market entry * 08:33 - The inverse market challenge: Moving from Europe to the U.S. * 10:43 - Factoring in fiscal repercussions and international tax consultations * 12:57 - State jurisdictions: Delaware standards vs Texas corporate law * 16:21 - California red tape and the rise of alternative technology hubs * 22:41 - Reverse engineering corporate strategy to avoid late-stage corrections * 25:44 - The danger of automated penetration tests and interactive FDA reviews * 29:39 - Deportation risks and B-1/B-2 tourist visa limitations * 31:24 - Government bureaucracy timelines and USPTO trademark processing realities * 33:04 - Public database scraping and the explosion of corporate filing scams * 37:37 - AI voice cloning and deepfake vulnerabilities targeting tech executives * 40:52 - Code Blue Chart: Documented cybersecurity fatalities in healthcare * 44:25 - Closing thoughts and reconnecting with nature Find JJ Amell here on LinkedIn: https://www.linkedin.com/in/jjamellesq/ The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com. If you're interested in our services or partnering with us, schedule a Discovery Session: https://go.bluegoatcyber.com/meetings/blue-goat-cyber/discovery-session Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber. Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/ Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9 Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/ Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/ Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/ Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1

4. juni 202648 min