The ultimate guide to medical device cybersecurity.
71+ organized, actionable tips across every phase, from concept and SPDF, through threat modeling and FDA submission, to postmarket monitoring. We meet you where you are and walk you to what's next.
Where are you in your MedTech security journey?
Pick the option that fits best. We'll send you straight to the right roadmap with the tips that matter right now.
Five phases. One canonical artifact per phase.
Real incidents. Real patients.
Pacemakers recalled by the hundreds of thousands. Insulin pumps deemed unpatchable. Imaging fleets locked by ransomware. The full sourced record lives on Code Blue Chart, our sister timeline.
- Documented events: 86
- Tied to patient harm: 7
From Therac-25 to Synnovis
- Patient harm · Jun 2024
Synnovis ransomware — first NHS-attributed cyber death
Qilin ransomware crippled NHS pathology for King's College, Guy's and St Thomas'. 10,000+ appointments and 1,700 surgeries cancelled. NHS England later confirmed one patient death tied to the attack — the first cyber death the NHS has formally attributed.
- Recall / advisory · Aug 2017
465,000 St. Jude / Abbott pacemakers recalled
FDA recalled 465,000 implanted pacemakers needing a firmware patch to fix vulnerabilities that could let an attacker drain batteries or alter pacing. The defining cyber-driven recall for implantable devices.
- Real-world attack · May 2017
WannaCry cripples NHS — imaging fleets go dark
WannaCry disrupted at least 80 of 236 NHS trusts (37 directly infected, 44 further disrupted, per the UK NAO). Bayer Medrad imaging devices were among the medical equipment confirmed infected, taking MRI and CT scanners offline mid-care.
- Patient harm · Jun 1985
Therac-25 — software kills cancer patients
Between 1985 and 1987 the Therac-25 linear accelerator delivered massive radiation overdoses to at least six patients due to software race conditions; at least three died. The foundational case study for software safety in medical devices.
Or browse every phase end-to-end
Five phases, from concept to incident response. Click any phase to dive in.
Defining the device, risks, and security architecture.
Building, testing, and documenting before submission.
FDA review, deficiencies, and clearance.
Operating the device safely in the field.
Responding to vulnerabilities and breaches.
Nine topics, end to end
Overview
Start here. The big picture for MedTech security.
Why It Matters
The case for taking cybersecurity seriously: patients, brand, and revenue.
SPDF
Bake security into every stage of the device lifecycle.
Threat Modeling
Identify and reason about threats before they ship.
Pentesting
Validate your security posture against real attackers.
Premarket
Submit a cybersecurity package the FDA will accept.
FDA Response
Turn an FDA cybersecurity hold into a clean clearance.
Postmarket
Stay compliant and secure after your device is on the market.
Monitoring
Continuous vulnerability monitoring for fielded devices.
When you're ready to ship securely, talk to Blue Goat Cyber℠
The same experts behind this guide help medical device manufacturers threat model, pentest, submit, and monitor their devices, end to end.
Specialists in FDA cybersecurity submissions, deficiency response, and postmarket monitoring.
"Blue Goat provided testing on our system for cybersecurity and the necessary documentation to add to our regulatory submission. They were very knowledgeable in the requirements, communication was excellent, and they were able to expedite the testing and provide final reports in a very short period of time."
Bernie Lane · Medical device manufacturer
Stay current as guidance evolves
FDA guidance, threat patterns, and submission expectations shift constantly. Track what's changed and why it matters for your program.