A newly hired VP of Software and R&D was hired by a surgical robotics startup and found that no cybersecurity-specific compliance was documented. He was concerned that his team wouldn’t know how to produce a regulatory submission, and may receive significant barriers to market due to cybersecurity requirements being missed.

I convened a team of experts to produce an FDA-style review of the product’s cybersecurity architecture as well as the company’s documentation. We conducted the review in one week, and debriefed with the company’s leadership and development groups. During the debriefing and workshops, the team made definitive decisions.

The company cleared FDA with shockingly zero cybersecurity
vulnerabilities. The VP of Software was relieved and able to focus on the core value of the system, knowing that cybersecurity was covered.