Jul 09, 2025
The article looks into the not-so-obvious but necessary intersection of patient safety and cybersecurity for networked medical devices. It discusses how regulatory expectations, as expressed through FDA's Quality System Regulation (21 CFR Part 820) and emerging pre- and postmarket cybersecurity guidelines, are reshaping every aspect of device development and maintenance. Merging technical considerations (e.g., threat modeling, SBOMs, and secure update practices) with real-world examples of vulnerabilities in pumps, monitors, and network elements, the article invites both healthcare clinicians and regulators to delve into how robust quality systems can safeguard patients from nascent digital risks. It invites manufacturers to finally escape the add-on mentality and to consider how cybersecurity can be an integral part of device safety and effectiveness.
"This newsletter is intended for your individual use only and may not be copied, reproduced, or distributed without explicit permission."