Kevin Fu
Former Acting Director, US FDA CDRH Medical Device Security
Kevin Fu is credited for establishing the field of medical device security beginning with the 2008 IEEE paper on defibrillator security.
Kevin is a former MIT Technology Review TR35 Innovator of the Year and Fellow of the AAAS, ACM, and IEEE. He has testified in the House and Senate on matters of information and medical device security and has written commissioned work on trustworthy medical device software for the Institute of Medicine of the National Academies. He was a member of NIST Information Security and Privacy Advisory Board, the CRA Computing Community Consortium Council, and the ACM Committee on Computers and Public Policy. He received the Dr. Dwight E. Harken Memorial Lecturer Award from the Association for the Advancement of Medical Instrumentation (AAMI) for his leadership on medical device security standardization.
Co-chair
Soundharya Nagasubramanian
Vapotherm
Co-chair
Hans-Martin von stockhausen
Siemens Healthineers
Dr. Hans-Martin von Stockhausen holds a position as Principal Key Expert for Cybersecurity at Siemens Healthineers. In this position he leads the company in developing security requirements for all products gathered from international regulations and customers around the globe with a focus on supporting the operational risk management on the operator’s side. Inside the Siemens security community, he leads a team that that works on improving and maintaining the security posture of products and security related customer communication. He has extensive domain knowledge from 20+ years of work experience in the medical device industry holding various positions throughout the product lifecycle from SW developer to SW platform architect to product manager.
For 10+ years, his focus has been on cyber security while holding a position as product security officer for medical IT systems and image acquisition devices. Hans-Martin participates in expert workshops and talks at conferences held by European and internationally recognized organizations. Furthermore, he is a member of the board of directors of Health-ISAC.
Jenny Amos
Jenny Amos, Ph.D., earned her B.S. in Chemical Engineering with a minor in Computer Science from Texas Tech University in 2004, followed by a Ph.D. in Chemical Engineering with a concentration in Cell and Developmental Biology from the University of South Carolina in 2008. She currently serves as a Teaching Professor and Laura Hahn Faculty Fellow in the Department of Bioengineering at the University of Illinois Urbana-Champaign. Dr. Amos’s research focuses on engineering education, emphasizing curriculum design, program assessment, and strategies to enhance student learning through evidence-based and inclusive pedagogical practices. She also advances interdisciplinary initiatives that integrate engineering methodologies into medical education, fostering the development of professionals at the intersection of healthcare innovation and technology.
Wayne Burleson
Professor in VLSI Circuits and Systems who specializes in industry-focused research and development in digital and mixed-signal CMOS, emphasizing low-power and hardware security. He is recognized for leading federally funded Exascale computing research at AMD Research which led to the El Capitan and Frontier supercomputers at Livermore and Oak Ridge National Labs. He also managed technology transfer from the AMD research group into advanced CPU and GPU products. Burleson has developed and taught novel courses in VLSI and Security Engineering as well as publishing over 200 papers in these fields. He has graduated 22 PhD students and 40 MS students in his 35 year career at UMass. Burleson is an IEEE Fellow and recipient of the UMass Amherst Chancellor’s Medal and the ACM/IEEE A. Richard Newton Technical Impact Award in Electronic Design Automation. He has degrees from MIT and the University of Colorado Boulder.
Andrew Carney
Andrew Carney joined ARPA-H in July 2023 from HSBC’s Cybersecurity Science and Analytics group, where he worked as a principal researcher. He has over 15 years of experience in software and hardware vulnerability research, technical education and training, and management of research and development teams.
In addition to his role as program manager with ARPA-H, Carney holds a joint program manager appointment with the Defense Advanced Research Projects Agency (DARPA) for the AI Cyber Challenge (AIxCC), a competition focused on securing software in critical infrastructure. Before HSBC, Carney was a technical advisor and contractor for the Defense Advanced Research Projects Agency (DARPA). At DARPA, he supported research efforts focused on reverse engineering, program analysis, human-machine teaming, and automated program repair. Throughout his career, Carney has been involved in competitive hacking (called Capture the Flag, or CTF) as both a player and a competition organizer. He holds a master’s degree in computer science from The Johns Hopkins University.
Mike D'Arezzo
Mike D’Arezzo currently serves as the Executive Director of Information Security and GRC for Wellstar Health Systems, the largest not for profit healthcare provider in Georgia. In the past Mike has assisted organizations and clients in developing transparent and secure programs for Information Technology, Cybersecurity, and Governance, Risk, and Compliance initiatives through risk assessments, penetration testing, and vulnerability management. Prior to Wellstar Health Systems, Mike held has a strong track record of operational excellence, innovative problem solving, and regulatory compliance expertise. In addition, Michael brings over 25 years of experience working with companies like General Electric, ePlus Technology, AMF Bowling, and MICROS/Oracle, across a variety of business verticals, on driving data and system security, policies and standards, compliance and regulatory affairs, and technology solutions.
Greg Garcia
Greg Garcia is the Executive Director of the Health Sector Coordinating Council Cybersecurity Working Group, the government-recognized critical infrastructure industry advisory council of more than 470 healthcare providers, pharmaceutical and medtech companies, payers and health IT entities partnering with government to identify and mitigate cyber threats to health data and research, systems, manufacturing and patient care.
In 2006, Greg was appointed by President George W. Bush as the nation's first Assistant Secretary for Cybersecurity and Communications with the U.S. Department of Homeland Security (since reorganized as the Deputy Director of the Cybersecurity and Infrastructure Security Agency). One of his signal achievements in this role was conceiving and initiating creation of the National Cyber and Communications Integration Center, the nation’s 24x7 public-private partnership for cybersecurity watch, warning, analysis and incident response.
He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held senior executive positions with Bank of America, 3Com Corporation, Information Technology Association of America, and American Electronics Association, all with the responsibility of driving change in public policy and business operations to strengthen the security and resiliency of the nation's critical infrastructures.
Greg served as a professional staff member on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.
Greg is a former member of the Information Security and Privacy Advisory Board, a government/industry committee advising the Secretaries of Commerce and Homeland Security, and the Director of OMB, on national information security and privacy policy.
Greg is a 2024 recipient of the Malcolm Baldrige Foundation Award for Leadership Excellence in Cybersecurity.
Julian Goldman
Julian M. Goldman, M.D. is an anesthesiologist affiliated with Massachusetts General Hospital and Harvard Medical School, where he serves as an Instructor in Anesthesia and Medical Director of Biomedical Engineering at Mass General Brigham. He earned his medical degree from SUNY Downstate Medical Center in 1985 and completed his anesthesiology residency and a research fellowship in medical device informatics at the University of Colorado Health Sciences Center. Board-certified in both Anesthesiology and Clinical Informatics, he has built a distinguished career spanning clinical innovation, biomedical engineering, and leadership in device interoperability research.
Michelle Jump
MedSec
Michelle Jump is the CEO at MedSec where she is responsible for providing strategic leadership, training and education to the medical device industry, and thought leadership in the area of medical device cybersecurity practices and processes. She also participates in a variety of domestic and international standards, as well as relevant industry and government initiatives to support security within the healthcare industry.
Michelle is a veteran of our Medical Device security industry being instrumentally involved with seminal industry consensus standards like AAMI TIR 57, AAMI TIR 97, IMDRF, ISO 80001-2-2, ISO 81001-1, ISO 62304, and the Medical Device CVSS Rubric. She regularly communicates with global regulatory bodies, including the US FDA, on the topic of medical device security by co-presenting, assisting with submissions, and helping shape guidance and implementation of this topic at these agencies.
jack kufahL
Michigan Medicine
Jack Kufahl is the Chief Information Security Officer for Michigan Medicine at the University of Michigan, one of the nation’s top academic medical centers that brings together world-class experts from research, patient care, and education to make groundbreaking discoveries that create life-changing medicine.
He has over 20 years of experience in information technology, primarily in leadership roles. He is one of the incorporating officers of the Michigan Healthcare Cybersecurity Council and is a current board member. The MiHCC is a public-private partnership in the State of Michigan and the healthcare industry supporting the citizens, patients, workforce , and students of Michigan. MiHCC seeks to protect the critical healthcare infrastructure and institutions of Michigan by providing relevant knowledge, meaningful relationships, and information security services to the partnering individuals, agencies, organizations , and vendors. Jack is also a graduate of the esteemed FBI CISO Academy and has completed the Masters of Legal Studies program with a concentration in compliance law at Washington University in St Louis.
As the Chief Information Security Officer, he is currently responsible for planning, developing, implementing, and maintaining the Michigan Medicine information assurance program. He directs all information assurance activities across the academic medical center to ensure the confidentiality, integrity, and availability of electronic information resources critical to the tripartite mission of patient care, research, and education at Michigan Medicine.
Joern Lubadel
Joern Lubadel is an experienced professional in healthcare IT and Product IT Security, with over 25 years of working across medical technology and regulatory environments. As Global Head of Product Security at B. Braun, he supports security by design throughout the product lifecycle—helping teams build safe, compliant, and scalable solutions.
He focuses on translating current cybersecurity concerns and technical risks into practical regulatory and engineering strategies. With a strong technical foundation and a belief in mature processes and frameworks, Joern helps align development practices with global expectations. He contributes to international working groups and standards bodies, including ISO, DIN, and contribute his time to industry associations like MedTech Europe, APACMed, and others.
Joern believes that security should enable innovation, not hinder it. His leadership is rooted in Digital Trust—the idea that secure, transparent, and well-aligned processes build confidence across teams and stakeholders. By fostering collaboration and continuous learning, he encourages a culture where security becomes a shared responsibility and a foundation for progress in healthcare
Erika Petersen
Erika Petersen, MD, FAANS, FACS, is a Professor of Neurosurgery at the University of Arkansas for Medical Sciences, where she directs the Section of Functional and Restorative Neurosurgery and serves as program director for the neurosurgery residency. A board-certified neurosurgeon, her clinical practice and research focus on neuromodulation for movement disorders, spasticity, and chronic pain, with particular interest in developing new devices, indications, and methods for treatment. She collaborates across specialties to advance applications of deep brain stimulation and neuromodulation, and also studies the privacy and cybersecurity of implanted devices, diversity and inclusion in surgery, and the use of virtual reality in neuroscience. Dr. Petersen earned her undergraduate degree from Princeton University, her medical degree from the University of North Carolina at Chapel Hill, completed neurosurgery residency at the University of Texas Southwestern, and a fellowship in deep brain stimulation at the National Hospital for Neurology and Neurosurgery in London. She holds leadership roles in national neurosurgical and pain societies, serves on multiple editorial boards, and is a frequent lecturer at national and international meetings.