For the EU health industry to be competitive and to sustainably deliver internationally leading care quality, it is important that EU regulation, guidelines and standards enable effective and interoperable digital health innovation and promote a vibrant entrepreneurial EU sector. Safety and competitiveness are not mutually exclusive. To deliver on them requires a pace and intensity of technological innovation that is matched by intensive regulatory innovation. Smarter, adaptive, dynamic, and evidence-based regulatory approaches are needed, based on real world experience in representative use scenarios. CYMEDSEC has been designed with an optimum consortium of regulatory, cybersecurity, technology, evaluation, and clinical EU experts to address exactly this challenge. It provides close feedback loops between new technological paradigms and recommendation of regulatory approaches, fostering regulatory science fresh thinking. It will deliver novel security-by-design solutions for the oversight of ‘Internet of Medical Things’ (IoMT) devices, including connected in vitro diagnostics. IoMT ‘fleet’ cybersecurity oversight systems will be developed. Use cases explored include remote patient monitoring and critical care scenarios, for which the project will develop novel and highly secure gateway middleware. Our technological and methodological advancement will go hand-in-hand with detailed review of regulations and guidelines, the formal creation of a new IoMT cybersecurity standard, and evidence collection from representative case studies. These objectives are holistically interlinked, with learnings form each work area feeding into development and proposals in other areas. Key to this is the in-project development of a cybersecurity benefit-risk toolbox, which will further develop the state of the art, using qualitative and quantitively approaches, and will make these available as easily usable and findable Open-Source resources for manufactures and regulatory bodies.