The European Commission has acted to thwart cybersecurity risks with a proposed cybersecurity regulation and separate proposal for information security. What is not clear, however, from these proposals is whether they would interact with existing EU rules governing cybersecurity for medical devices, raising the prospect that medical technologies will be subject duplicate oversight for cybersecurity.