https://youtu.be/5BYS4BIBBk0
Christian Espinosa, Founder and CEO of Blue Goat Cyber, is driven by a mission to ensure medical device security while helping his team drive project efficiency through innovative compensation structures.
We learn about Christian’s journey from overcoming a life-threatening health scare to founding Blue Goat Cyber, focusing on medical device cybersecurity. He explains his approach to designing security into medical devices from the start, rather than trying to fix issues later. He shares his Efficiency Driver framework, which incentivizes his team to become more efficient by tying compensation to project outcomes. He also emphasizes the importance of emotional intelligence in cybersecurity, detailing his seven-step methodology for fostering self-awareness, communication, and continuous improvement within teams. His insights offer strategies for medical device manufacturers and cybersecurity professionals to ensure both innovation and safety in their products.
---
Drive Project Efficiency with Christian Espinosa
Good day, dear listeners, Steve Preda here with the Management Blueprint podcast. And my guest today is Christian Espinosa, founder and CEO of Blue Goat Cyber, whose mission is to assist medical device manufacturers in creating products that are not only innovative, but are also secure and compliant with regulatory standards. Christian, welcome to the show.
Thanks, Steve. I appreciate you having me on.
I'm excited to have you and to learn about Blue Goat and I love the blue shirt that goes with it. Actually, the goat is white, but I guess the cyber security is blue rather than red. So my first question is, what is your personal “Why” and what are you doing to manifest it in Blue Goat Cyber?
So a couple of years ago, I developed six blood clots in my left leg and almost ended up dying. And that was something that was a pretty pivotal moment for me because before that, I had done 24 Ironman triathlons and was in really good shape, but I didn't think things like blood clots happened to people like me. But when I was in the hospital, a Doppler ultrasound device that was portable was used to quickly diagnose the blood clots. And after going through a pretty long bout of depression, because my life as I knew it changed completely, I couldn't exercise, I couldn't fly, I couldn't really do anything but sit around.
After I got through that, I decided to start another business and focus on medical devices. Because in my first business that I sold in 2020, we did medical device cybersecurity, but it was part of what we did. And now the focus is on medical device cybersecurity with this company. And largely, I think things happen for a reason. And I often think if that device had not existed or had been hacked and taken off the market, I may not be here today. So my mission is to help these innovative products get to the market and help them stay on the market because they're hack proof or secure from hackers.
Wow. I didn't realize that this is such a big issue in medical devices that they get hacked and then they lose their FDA license or why do they disappear? Can they not just be fixed like any software product?
They can be fixed, but a lot of times are recalled. Pacemakers have been recalled. Imagine you've got an implantable like a pacemaker inside of you and it's got a vulnerability where someone can wirelessly hack it and shock you to death. So now as a patient, you've got to make a decision. Do I get this thing taken out of me, which is a pretty major surgery, or do I live with the risk that someone could possibly wirelessly connect to my pacemaker and shock me to death? I don't have a pacemaker, but if I was in that scenario, that's a tough decision to make. But yes, these things are hackable. And the regulatory authorities like the FDA and in Europe, the medical device regulations are making efforts to enforce security with medical devices now.
Wow, okay. So this is a huge thing.