The Medical Device Innovation Consortium (MDIC) has played a key role in fostering a stronger industrial appreciation for the need for robust cybersecurity, but a recent MDIC report noted that many device makers are deficient in pushing cybersecurity considerations into the domain of design controls. However, the most critical element in cybersecurity may be whether a company has a chief product security officer (CPSO), the presence of absence of which seems to correlate strongly and uniformly with all aspects of cybersecurity in a manufacturer’s products.