President & Founder
Jose Bohorquez, PhD
Jose founded CyberMed to help companies get secure medical devices to market efficiently. He has more than 20 years of experience in the medical devices industry, leading product development and security teams for over 15 years.
Dr. Bohorquez is a frequent NIH reviewer for SBIR grant proposals, a digital health startup mentor for NYU's Endless Corridor Labs, and a member of the Executive Advisory Board for the FIRST robotics competition.
He holds Bachelor's and Master's degrees in Electrical Engineering and Computer Science from the University of Florida and completed his PhD at MIT.
Credentials
- PhD, Massachusetts Institute of Technology
- MS & BS, Electrical Engineering and Computer Science, University of Florida
- NIH SBIR grant reviewer
- Mentor, NYU Endless Corridor Labs
Areas of expertise
- FDA medical device cybersecurity
- 510(k) cybersecurity submissions
- Premarket cybersecurity documentation
- Secure product development framework
- Medical device threat modeling
Articles by Jose Bohorquez
- Congress Just Advanced a Healthcare Cybersecurity Bill. What It Means for Medical Device Companies.
The Health Care Cybersecurity and Resiliency Act just cleared the Senate HELP Committee. For medical device manufacturers, this is not a drill.
March 31, 2026
- FDA's 3rd Cybersecurity Guidance in 3 Years: What Actually Changed?
FDA released its 3rd cybersecurity guidance in 3 years. Sounds scary. It's not. The update swaps QSR for QMSR and leaves the 14 required cybersecurity documents untouched. Here's what you actually need to know.
February 24, 2026
- Software Design Specification for IEC 62304 and FDA Compliance
Complete guide to creating Software Design Specifications that meet IEC 62304 clause 5.4 and FDA documentation requirements. Includes checklists, examples, and common pitfalls.
November 24, 2025
- IEC 62304 to FDA eSTAR: A Software Documentation Guide
Map IEC 62304 processes to FDA eSTAR requirements. Complete guide to 10 required software documents for medical device submissions with examples.
October 28, 2025
- 12 Essential FDA Cybersecurity Risk Assessment Rules
The twelve rules that determine whether your cybersecurity risk assessment will satisfy an FDA reviewer or generate an AI request. Each one mapped to the guidance section it derives from.
August 20, 2025
- Documentation Overload: The 24+ Documents FDA Requires for Software and Cybersecurity
Catalogs the software and cybersecurity documents FDA expects in eSTAR submissions and offers guidance on organizing evidence for reviewers.
August 6, 2025
- How to Create FDA-Compliant Cybersecurity Traceability Matrices in 2025
Details how to build cybersecurity traceability matrices that connect threats, controls, and verification evidence for modern FDA submissions.
July 17, 2025
- A Guide to Post-Market Cybersecurity Management
Covers the monitoring, vulnerability response, and legacy planning manufacturers need to keep medical devices cybersecure after FDA clearance.
July 9, 2025
- SPDF vs IEC 62304: Avoid Costly Documentation Mistakes
Clarifies how FDA's Secure Product Development Framework complements IEC 62304 and what dual documentation packages reviewers expect.
June 25, 2025
- FDA Cybersecurity Requirements for Medical Devices with Software
What FDA actually expects in the cybersecurity package for a software-based medical device, mapped to where each artifact lives in your submission.
January 31, 2025
- 5 reasons FDA will refuse your 510(k) application due to cybersecurity deficiencies
Outlines five cybersecurity gaps that now trigger FDA refusal-to-accept decisions for 510(k) submissions and how to close them.
July 29, 2024
- What Information FDA is Expecting for Cyber Devices?
Breaks down the cybersecurity evidence FDA expects in submissions for software-enabled medical devices.
July 18, 2024