This paper considers the cyber security challenges facing the healthcare sector arising from the convergence of technology, hyper-connectivity and recent developments in regulation. It explains the issues and tensions between safety and security and what can be done to resolve them. The paper highlights emerging good practice and approaches that manufacturers can take to improve medical device security throughout its lifecycle. The paper will also be of interest to others in the sector, including healthcare providers, IT suppliers, notified bodies and regulators. They will recognize the requirement to address security explicitly throughout the product/system lifecycle, including design, procurement, monitoring/auditing and during operation, particularly when the inevitable cyber incident occurs.