This workshop is a member and by-invite-only event. Questions? email email@example.com
Tickets: $800, early bird rate closes on April 20th.
Discussion Leaders & Experts
AJ Aspinwall is a medical device security specialist in clinical engineering at Norton Healthcare in Louisville KY. Norton Healthcare is a hospital delivery organization that is working to develop and implement strategies specifically geared towards network and device security. For the past year, AJ has been spearheading the development of a security risk management program focused exclusively on medical device systems. AJ specializes in mitigating security vulnerabilities without compromising safety or patient care.
Manager, Medical Device Security
Abbott Medical Devices
Curt Blythe is a Manager in the Medical Device Security team at Abbott Medical Devices in St. Paul, Minnesota. Curt focuses on improving medical device security through hardware and software testing. In this role, Curt focuses on identifying and addressing security risks throughout the product development lifecycle. He has a background in Application Security, Vulnerability and Risk Management. Curt received his bachelor’s degrees in MIS/Spanish from the University of Northern Iowa and is CISSP certified.
Adam Brand is the director of security and compliance at Protiviti, where he leads the medical device security practice. With more than 17 years of experience in information technology and security, Adam has been heavily involved with the "I am The Cavalry" movement, a group of security researchers focused on cybersecurity issues that can affect human life and safety.
Debra Bruemmer, BS, MBA, CISSP
Senior Manager, Clinical Information Security, Office of Information Security
Debra Bruemmer is the manager of the Clinical Information Security team at Mayo Clinic’s Office of Information Security in Rochester, Minnesota. In this role, Debra leads efforts to assess and improve the security of medical devices, facility systems, and clinical support systems used within the Mayo Clinic environment. She is responsible for understanding medical devices in the Mayo Clinic environment, assessing the vulnerability of medical devices, and partnering with vendors and internal staff to improve security. During her 17-year career at Mayo Clinic, Debra has worked in finance, information technology, and the Office of Information Security. Debra received her bachelor’s degree in finance from Winona State University, a master’s degree in business administration from Cardinal Stritch University, and is CISSP certified.
Dr. Thomas Carrigan
St Elizabeth Healthcare
Dr. Thomas Paul Carrigan is a practicing Clinical Cardiac Electrophysiologist and Co-Director of the Atrial Fibrillation Program at St. Elizabeth Healthcare in Cincinnati OH. He spends his clinical time managing heart rhythm disorders which include radiofrequency ablation and the surgical management of pacemakers and defibrillators. He earned a Bachelor of Science in Biochemistry, Master of Health Services Administration and Doctor of Medicine from the University of Kansas. Subsequently completed clinical training in Internal Medicine at the Cleveland Clinic, Cardiovascular Medicine at Case Western Reserve and Clinical Cardiac Electrophysiology at the University of Michigan. Additionally, he completed a Medical Staff Fellowship in the Pacing Defibrillation and Leads branch at the United States Food and Drug Administration. He is board certified in Clinical Cardiac Electrophysiology, Cardiovascular Medicine, Internal Medicine and Adult Echocardiography. He is actively involved in clinical research as Principal Investigator and Sub-Investigator on several medical device IDE trials, investigator-initiated studies
Dr. Kevin Fu is Associate Professor of Computer Science & Engineering at the University of Michigan, where he conducts research on computer security and healthcare as part of the National Science Foundation’s Trustworthy Health and Wellness (THAW.org) Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a healthcare cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Kevin has given nearly 100 invited talks on medical device security to industry, government, and academia—including Senate and House hearings, the Institute of Medicine, and National Academy of Engineering events. Beginning with his 2006 security seminar at FDA CDRH, Kevin’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, MIT TR35 Innovator of the Year award, and best paper awards on medical device security by organizations such as IEEE and ACM. Kevin earned a Ph.D., master’s degree, and bachelor’s degree from MIT and he also holds a certificate of achievement in artisanal bread making from the French Culinary Institute.
Abbott Medical Devices
As an experienced information security professional, Lev has overseen development and implementation of information security strategy at St. Jude Medical to mitigate information security risks through comprehensive risk assessment and
Cisco Secure Policy and Access Group
Craig has over 25 years of security and networking experience. As a Principal Engineer for Cisco's Secure Policy and Access Group, Craig is defining Cisco's next-generation policy and access control solutions. Craig serves as a technical lead for ISE architecture Performance and Scale and is a driving force behind ISE Super Scaling architecture. Craig is also actively driving the advancement of network access control (NAC) for the Internet of Things (IoT) with a focus on Healthcare including the advancement of IETF standardization for Manufacturing Usage Description (MUD). Craig is the author of the Cisco Medical NAC Whitepaper and speaker at the NIST workshop “Enhancing Resilience of the Internet and Communications Ecosystem”.
Previously Craig has held senior positions as a customer Consulting Engineer, Systems Engineer and Product Trainer. He joined Cisco in 1996 and has extensive experience with NAC, Identity-Based Networking Services (IBNS), Secure Wireless access and software-defined segmentation. Craig holds a Bachelor's degree from Dartmouth College and certifications that include CISSP, CCSP, and CCSI.
Gary McGraw is the vice president of security technology at Synopsys (
Michael C. McNeil is the current Global Product Security & Services Officer for Royal Philips. In this capacity, McNeil is responsible for leading the global product security program for the company and
Associate Director for Science & Strategic Partnerships Center for Devices & Radiological Health
Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts that span incident response, increasing awareness, outreach, partnering, policy, and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital-Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business; and she completed the National Preparedness Leadership Initiative at the Harvard School of Public Health & Kennedy School of Government.
Ben Ransford, Ph.D., is co-founder and CEO of Virta Labs, a company that focuses entirely on making approachable tools for cyber security workflows in health care. Ben believes health care cybersecurity needs more empathy and better tools, not snake oil and FUD. He published the first in-depth security analysis of an implantable medical device in 2008 with Kevin Fu and collaborators, and has had his ears open since then. Ben has spoken about anomaly detection for medical devices at previous Archimedes workshops.