Cybersecurity in MedTech: Don’t Just Hire for Today—Hire for What’s Next

Cybersecurity is here to stay.

It’s no longer a “nice to have”—in the world of Medical Devices and Combination Products, it’s become one of the most critical components of product development and regulatory strategy for electro-mechanical devices.

Just look at the surge of blogs, webinars, and trainings hitting the market. Awareness is growing—but many teams still lack the internal expertise to know what steps to take, or how to embed cybersecurity early in the development process.

So, how do you hire the right talent with a limited pool of people in the market? 

Most companies start with a checklist of hard skills. And while certifications and experience are important, they’re not the only things that matter. In today’s evolving landscape, you also need to look for traits that go beyond the resume—people who can grow with your organization, collaborate cross-functionally, and bring cybersecurity to life inside a regulated environment.

Here are four key traits to look for outside of hard skills when interviewing someone:

1. Cross-Functional Collaboration

Where have they worked with teams beyond IT—like Engineering, QA, and Regulatory—and know how to align efforts across functions?

2. Regulatory Awareness & Standards Fluency

Are they familiar with frameworks like ISO 27001, and are ready to adapt to requirements like FDA 524B?  What do they know about 524B and if not, are they trying to learn it?

3. Ability to Build and Implement

Do they just identify risks— or can they create actionable solutions and put them into motion?  If so how would they do it?

4. Curiosity and Growth Mindset

With cybersecurity constantly evolving, what are you doing to stay current and proactive with emerging trends, threats, and standards? If you’re not yet an expert in a particular area, what steps are you taking to become one?

Yes, experience matters. But so does potential.

When the pool of product-based cybersecurity experts is limited, you need to think about capability, not just competency. Candidates who understand the standards, know how to collaborate, and have the drive to grow can often become your most valuable long-term assets.