When your insulin pump connects to your phone or your glucose monitor shares data with the cloud, is it secure? And what does "secure" even mean?In this episode of Inside MedTech Innovation, Shannon Lantzy sits down with Jacob Combs, Chief Information Security Officer and VP of Cybersecurity at Tandem Diabetes Care. Jacob brings deep expertise from across telecom, defense, financial services, and healthcare—and now protects connected devices that deliver life-sustaining insulin therapy to people with diabetes.This conversation explores the unique challenges of medical device cybersecurity: the tension between usability and security, the reality of legacy systems and security debt, how to scale security by design across engineering teams, and why regulatory requirements can actually be a competitive advantage.Jacob and Shannon discuss:Why medical device security is fundamentally different from enterprise IT securityThe critical balance between safety risk and security risk in insulin delivery systemsHow threat modeling becomes a verb that transforms engineering cultureThe challenge of maintaining security across interoperable diabetes management ecosystemsWhy "secure enough" requires sophisticated risk management, not just risk assessmentHow compensating controls and lifecycle management address security debt in fielded devicesThe role of FDA guidance in driving security programs forwardWhat it takes to push software updates quickly while maintaining quality and regulatory complianceTimestamps00:00 Introduction to Medical Device Cybersecurity01:03 Meet Jacob Combs: Expert in Medical Device Cybersecurity02:12 The Mission-Driven Approach to Cybersecurity03:16 Balancing Safety and Security in Medical Devices05:18 Challenges in Medical Device Cybersecurity09:57 The Role of a CISO in Medical Device Companies13:55 Risk Management and Cybersecurity in Medical Devices17:17 Interoperability and Complexity in Medical Devices26:55 Future of Cybersecurity in Medical Devices36:08 Cybersecurity in Med Tech: A Non-Competitive Necessity36:30 The Ethical Dilemma of Charging for Security37:25 Product Security as a Growth Engine38:50 Marketing Security: A Competitive Edge39:32 Quality and Security: A Symbiotic Relationship41:08 Regulatory Challenges and Operational Efficiency42:36 Measuring Cybersecurity Quality43:57 Navigating Regulatory Requirements51:23 Innovating with AI in Security Documentation55:25 Threat Modeling: A Cultural Shift59:23 Legacy Devices and Security Debt01:06:03 Balancing Security and Innovation01:09:08 Rapid Fire Questions and Closing ThoughtsFollow Shannon and Jacob:Connect with Shannon : LinkedIn: https://www.linkedin.com/in/shannonlantzy/ Website: https://www.shannonlantzy.com/ Connect with Jacob: LinkedIn: https://www.linkedin.com/in/jacobcombs/ Website: Left to Our Own Devices Podcast

Ver todos los episodios