In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Madison Morrow, Director of Business Development at Blue Sages, and Farshad Esnaashari, a medical device full–lifecycle consultant, to break down one of the most urgent topics in the med-tech industry: cybersecurity requirements for FDA medical device submissions.

The conversation explores why the FDA is increasing its cybersecurity expectations, the most common mistakes manufacturers make, and how device makers can integrate security early in the product lifecycle. Madison explains how Blue Sages supports medical device companies through engineering best practices, software documentation, testing, and compliance, while Farshad brings over 30 years of experience in architectural security, risk management, and interpreting FDA cybersecurity guidance.

Key topics covered in this FDA cybersecurity episode:

• Why cybersecurity must start early in medical device design (not at the end)
• What the FDA now expects: SPDF, SBOM, traceability, threat modeling, and vulnerability management
• Why shallow SBOMs, missing traceability, and late pentesting delay submissions
• How penetration testing and offensive security strengthen FDA submissions
• Practical guidance for med-tech startups balancing speed, safety, and compliance
• How AI introduces new cybersecurity risks in medical devices and what the FDA expects for model updates, rollback plans, and integrity checks

Who needs this episode?

This discussion is essential for anyone involved in medical device development, regulatory submissions, FDA compliance, cyber risk, software validation, or connected device security. If you’re preparing a 510(k), De Novo, or PMA submission in 2025–2026, this episode gives you a clear roadmap of what to prioritize.

About Ctrl-Alt-Secure

Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.

🔗 Connect with Blue Sages to explore their engineering and regulatory support for medical device companies: https://www.bluesages.com/

🔗 Contact Red Sentry: https://redsentry.com/contact

Find more about Red Sentry.

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Dr. Bennett Hammer, founder and president of Hammer IT, for a deep dive into one of today’s most common yet misunderstood risks: email security. They break down the evolving threat landscape, from the rise of phishing and ransomware to the ways AI is now being used by both attackers and defenders.

The conversation explores why email remains one of the most effective entry points for cybercriminals, how remote and hybrid work environments have expanded the attack surface, and the practical steps organizations can take to strengthen their defenses. Dr. Hammer highlights the importance of proactive measures, continuous user education, and building a culture where employees are empowered to question suspicious activity.

A handful of valuable takeaways:
• Phishing and ransomware continue to top the list of email-based threats
• AI is accelerating both offensive and defensive capabilities in cybersecurity
• Remote work has created new vulnerabilities in email workflows
• User training and awareness remain essential for preventing breaches
• Strong filtering, verification protocols, and layered defenses make a measurable difference

To explore more of Dr. Hammer’s work or try his free tools, visit hammeritconsulting.com, hammersecure.com, or HammerSpam, his spam email analyzer.

Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered pentesting firm helping companies identify and fix vulnerabilities before attackers can exploit them.

Find more about Red Sentry.

In this episode of CTRL-ALT-SECURE, Valentina Flores discusses the importance of understanding neurodiversity in tech leadership with guests Andy and Fred from Irregular Training. They explore how neurodivergent individuals, including those with autism and ADHD, can bring unique strengths to the workplace, the challenges posed by standardized work environments, and practical steps organizations can take to support neurodiverse talent. The conversation emphasizes the need for flexibility, trust, and a shift in hiring practices to leverage the strengths of neurodivergent individuals for a more inclusive and productive workplace.

A handful of valuable takeaways:

• Neurodiversity is a key part of how teams actually function and succeed.
• Understanding different thinking styles can unlock creativity and performance.
• Standardized workplaces often miss what neurodivergent employees need to thrive.
• Traits like deep focus, pattern recognition, and problem-solving are real strengths.
• Flexible roles and trust-based cultures bring out the best in neurodivergent talent.
• The future of work will depend on embracing and designing for neurodiversity.

To learn more about Andy and Fred’s work on building inclusive, high-performing teams, visit their site Irregular Training.

CTRL-ALT-SECURE is brought to you by Red Sentry, a human-led, tech-powered pentesting firm helping companies identify and fix vulnerabilities before attackers can exploit them.

Find more about Red Sentry.