
Connected Care Through IoMT: The Future of Healthcare Innovation
May 14, 2026
Cybersecurity by Design in Medical Devices
Building Secure and Compliant Healthcare Technology Devices
Cybersecurity by Design transforms security from a compliance checkbox into a core engineering discipline that safeguards patients, protects data, and enables successful global market access for connected medical devices.
Medical device cybersecurity has moved from a back-office IT concern to a front-line patient safety issue. Connected medical devices are now part of everyday clinical care: infusion pumps push medication on programmed schedules, patient monitors stream vitals to nursing stations, and remote monitoring platforms send data from a patient's home straight into the hospital's electronic health record. Every one of those connections delivers real clinical value - and every one of them is also an attack surface.
For years, security in medical devices was handled the way many organizations handle IT security: a control bolted on near the end, owned by a separate team, treated as a hurdle before launch. That model no longer holds. Regulators, healthcare providers, and patients now expect security to be engineered into a device from the first design decision. This is the essence of Cybersecurity by Design: treating security as a design quality attribute on par with safety, reliability, and usability.
Why Medical Device Cybersecurity Matters in IoMT
The Internet of Medical Things (IoMT) has expanded faster than the security practices meant to protect it. As devices connect to hospital networks, mobile apps, and cloud platforms, a single weakness can ripple across an entire care ecosystem. The rise of cloud-connected medical devices delivers enormous clinical value, but each new connection also widens the attack surface that must be secured. The consequences are not abstract:
- Patient safety. A compromised infusion pump or patient monitor is not a data problem - it is a potential clinical harm. Security failures can change device behavior, suppress alarms, or render a device unavailable during care.
- Data protection. Medical devices handle some of the most sensitive personal data that exists. Breaches carry regulatory, financial, and reputational costs.
- Operational continuity. Ransomware that locks down hospital systems has repeatedly forced facilities to divert patients and revert to manual processes, with devices caught in the blast radius.
Documented vulnerabilities in infusion pumps, patient monitors, and remote monitoring devices - alongside well-known events such as the WannaCry outbreak and vulnerability clusters like URGENT/11 and SweynTooth - have made one point clear: in healthcare, cybersecurity and patient safety are the same conversation. Agencies such as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) now publish dedicated medical device security advisories to track these risks.
Regulatory Expectations: FDA, EU MDR, and CDSCO
Medical device cybersecurity is no longer a recommendation that lives in a guidance footnote. Across the world's major markets, it is becoming an explicit, enforceable expectation - and the documentation bar keeps rising.
United States - FDA
Under Section 524B of the FD&C Act, manufacturers of “cyber devices” must design, develop, and maintain devices to provide reasonable assurance of cybersecurity. The FDA's premarket cybersecurity guidance - finalized in June 2025 - turns much of this into concrete submission content: a Secure Product Development Framework, threat modeling, security architecture and data-flow diagrams, a Software Bill of Materials, and a plan for ongoing vulnerability monitoring and patching. The FDA interprets “cyber device” broadly: essentially any device with software and network connectivity, even indirect. Submissions that lack adequate cybersecurity documentation can be refused outright. Building cybersecurity documentation early is one of the most effective ways to keep an FDA submission on track - see our guide on fast-tracking FDA certification for medical devices.
European Union - EU MDR
The Medical Device Regulation (EU 2017/745) embeds cybersecurity into its essential requirements. Annex I calls for devices to be developed according to the state of the art, with IT security measures and protection against unauthorized access. Guidance document MDCG 2019-16 on medical device cybersecurity operationalizes this through a security-by-design and security-by-default approach spanning the entire lifecycle, and standards such as IEC 81001-5-1 and AAMI SW96 are increasingly treated by auditors as the practical state of the art.
India - CDSCO
Under the Medical Devices Rules, 2017, software-driven devices fall within India's regulatory regime. CDSCO's draft Guidance on Medical Device Software (issued October 2025) brings sharper structure to this space: risk-based classification of SaMD and SiMD, mandatory quality management systems, cybersecurity measures in the risk management file, and post-market obligations that explicitly include cybersecurity incident reporting and vigilance for emerging threats.
The Secure Product Development Framework (SPDF)
The SPDF is the backbone of modern medical device cybersecurity. Rather than treating security as a gate at the end, it weaves security activities into every phase of development - from concept through post-market surveillance. The framework gives teams a structured, auditable way to demonstrate that security was considered continuously, not retrofitted. Each phase produces evidence that maps directly to what regulators expect to see in a submission.
Threat Modeling and Risk Management
Threat modeling is where security design begins in earnest. The team systematically asks what could go wrong: which assets matter, where the trust boundaries lie, how an attacker might reach the device, and what the clinical consequences would be. Frameworks such as the MITRE / FDA medical device threat modeling playbook offer a practical starting point. The crucial step in medical devices is linking security risk to safety risk. A vulnerability only matters insofar as it can lead to patient harm, data compromise, or loss of device function - so security risk management (in the spirit of AAMI SW96) must connect back to the ISO 14971 safety risk file rather than running on a separate track.
Secure Architecture and Software Development
Good threat models inform good architecture. A secure medical device architecture defines clear trust boundaries, enforces strong authentication and authorization, encrypts data in transit and at rest, and provides a mechanism for secure, verifiable updates. These design choices increasingly reflect Zero Trust principles - never assume a connection is trustworthy simply because it originates inside the network. The NIST Zero Trust Architecture (SP 800-207) provides a widely referenced model for this approach.
On the software side, the IEC 62304 lifecycle and IEC 81001-5-1 security activities provide the scaffolding: secure coding standards, code review, dependency management, and disciplined configuration control. Security verification - including penetration testing, fuzz testing, and static and dynamic code analysis - produces the objective evidence regulators now expect.
SBOM and Third-Party Software Management
Modern devices are assembled, not just written. Open-source libraries, third-party components, and operating systems all carry their own vulnerabilities. A Software Bill of Materials (SBOM) is the inventory that makes this supply chain visible: every component, its version, its support status, and its known vulnerabilities.
The SBOM has moved from “nice to have” to a core submission element - the FDA references the NTIA Minimum Elements for an SBOM as the baseline, and pairs the SBOM with vulnerability disclosure (often via VEX) so reviewers can see not just what is in the device, but which vulnerabilities actually apply. Because devices evolve, manual SBOMs do not scale; the practical approach is to generate an SBOM automatically with each build, cryptographically tied to that release.
Post-Market Cybersecurity Monitoring
Security does not end at clearance. New vulnerabilities are discovered in components that were considered safe at launch, and threats evolve. Post-market medical device cybersecurity means continuously monitoring for new vulnerabilities (including those in the SBOM and in catalogs such as CISA's Known Exploited Vulnerabilities list), assessing their impact, and delivering timely, risk-based patches through secure over-the-air updates. Regulators increasingly expect defined timelines for disclosure and remediation, plus coordinated communication with the healthcare facilities that operate the devices.
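The SBOM and post-market monitoring steps described above can be sketched as one triage pass. This is an added example, not iOrbit's tooling: the data structures are simplified stand-ins for an SBOM, VEX statements, and a known-exploited catalog, and every component name, CVE id, and priority label is constructed for illustration.

```python
import hashlib

# Constructed sample data; component names, versions and CVE ids are placeholders.
FIRMWARE = b"constructed firmware image bytes for release 2.4.1"

SBOM = {
    "release": "2.4.1",
    "artifact_sha256": hashlib.sha256(FIRMWARE).hexdigest(),  # recorded at build time
    "components": [
        {"ref": "pkg:generic/example-tls@1.0.2", "supported": True,
         "known_vulns": ["CVE-0000-0001", "CVE-0000-0002"]},
        {"ref": "pkg:generic/example-rtos@6.9", "supported": False,
         "known_vulns": ["CVE-0000-0003"]},
    ],
}
# VEX-style statements: the manufacturer's assessment per (vulnerability, component).
VEX = {("CVE-0000-0002", "pkg:generic/example-tls@1.0.2"): "not_affected"}
# Stand-in for a known-exploited catalog such as CISA KEV.
KNOWN_EXPLOITED = {"CVE-0000-0001", "CVE-0000-0002"}


def sbom_matches_release(sbom, firmware):
    """True only if the SBOM's recorded digest matches the shipped image."""
    return hashlib.sha256(firmware).hexdigest() == sbom["artifact_sha256"]


def triage(sbom, firmware, vex, known_exploited):
    """Return (priority, cve, component) findings, most urgent first."""
    if not sbom_matches_release(sbom, firmware):
        raise ValueError("SBOM does not describe this firmware image")
    findings = []
    for comp in sbom["components"]:
        for cve in comp["known_vulns"]:
            if vex.get((cve, comp["ref"])) == "not_affected":
                continue  # assessed as not applicable to this device
            if cve in known_exploited:
                priority = "urgent"
            elif not comp["supported"]:
                priority = "high"  # assumed policy: no upstream fix will arrive
            else:
                priority = "routine"
            findings.append((priority, cve, comp["ref"]))
    order = {"urgent": 0, "high": 1, "routine": 2}
    return sorted(findings, key=lambda f: order[f[0]])


if __name__ == "__main__":
    for finding in triage(SBOM, FIRMWARE, VEX, KNOWN_EXPLOITED):
        print(*finding)
```

The digest check refuses to triage against an SBOM that was not generated for the image actually shipped, which is the failure mode a manually maintained SBOM invites.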
The Strategic Case: Security as a Design Quality Attribute
There is a persistent myth that security slows products down. In practice, the opposite is true for organizations that integrate it early. Teams that bake medical device cybersecurity into product development from the concept phase:
- Reduce regulatory risk by producing the documentation reviewers expect, the first time.
- Avoid costly redesigns that occur when security gaps surface during validation or review.
- Accelerate approvals by avoiding refuse-to-accept decisions and lengthy back-and-forth.
- Earn patient and provider trust - an increasingly decisive factor in procurement.
The mindset shift is simple but powerful: treat security exactly as you treat safety, reliability, and usability - a quality attribute designed in, verified, and maintained, not a checkbox cleared at the end.
The iOrbit Approach
At iOrbit, medical device cybersecurity is integrated into the product development lifecycle rather than appended to it. Our work brings together risk-based design, secure software engineering, regulatory-compliant development processes, IoMT security architecture, and verification activities aligned with ISO 14971, IEC 62304, and the expectations of the FDA and EU MDR.
We help MedTech innovators build secure, connected, and globally compliant medical devices from the ground up - so security strengthens the path to market instead of standing in its way.
Security must be built into medical devices from concept to post-market surveillance. Manufacturers that adopt Cybersecurity by Design will be better positioned for regulatory compliance, patient safety, and long-term product success - turning a compliance obligation into a durable competitive advantage.