
Podcast – Security Without Code Changes: A Path Forward for FDA Compliance

Exploited: The Cyber Truth – episode 9

In this episode, Phil Englert, Vice President of Medical Device Security at Health-ISAC, explores how healthcare organizations and medical device manufacturers can meet FDA security expectations—without rewriting a single line of code.

With more than 30 years of experience in clinical engineering and cybersecurity, Phil offers a realistic, actionable take on how the industry can achieve stronger security through methods like runtime protection, system hardening, and improved visibility, all while maintaining regulatory compliance and protecting patient safety.

Topics include what “security without code changes” really means in the context of legacy systems, SBOM management, and FDA’s evolving premarket and postmarket requirements. Phil also shares where the biggest gaps remain between device makers and healthcare delivery organizations—and how they can align on solutions that are both practical and compliant.

Whether you’re a manufacturer, provider, or regulator, you’ll gain valuable insight into how to build a security strategy that doesn’t rely on access to source code, yet still meets the growing demands of today’s threat landscape and tomorrow’s compliance requirements.

Host: Paul Ducklin
Speakers: Joe Saunders and Phil Englert, VP of Medical Device Security at Health-ISAC
Episode Length: 30 minutes

Listen to the Exploited: The Cyber Truth podcast here.