Session Speakers & Panelists
Global Director of IoT Security
Mike Ahmadi is the global director of IoT security for DigiCert. A respected leader in the field of critical infrastructure security, Mike is currently serving as the Chairman of the SAE Cybersecurity Assurance Testing Task Force and is an active member of the Medical Device Innovation, Safety, and Security Consortium (MDISS), the Association for the Advancement of Medical Instrumentation (AAMI) Medical Device Security Working Group, the DHS ICSJWG, and the US Secret Service Electronic Crimes Task (USSS ECTF) Advisory Board. Mike participated in the development of testing and certification standards under multiple NIST working groups, assisted the California Public Utility Commission (CPUC) in drafting security requirements for Smart Grid deployment, and served on the California Office of Health Information Integrity (CalOHII) Core Security Team, creating healthcare security policies.
AJ Aspinwall is a medical device security specialist in clinical engineering at Norton Healthcare in Louisville KY. Norton Healthcare is a hospital delivery organization that is working to develop and implement strategies specifically geared towards network and device security. For the past year, AJ has been spearheading the development of a security risk management program focused exclusively on medical device systems. AJ specializes in mitigating security vulnerabilities without compromising safety or patient care.
Adam Brand is the director of security and compliance at Protiviti, where he leads the medical device security practice. With more than 17 years of experience in information technology and security, Adam has been heavily involved with the "I am The Cavalry" movement, a group of security researchers focused on cybersecurity issues that can affect human life and safety.
Fotis Chantzis is a principal information security engineer at Mayo Clinic, where he manages and conducts vulnerability assessments on medical devices and clinical support systems. Fotis has over 10 years of experience in the information security industry, which includes time spent researching network protocol vulnerabilities and developing security tools such as Nmap and Ncrack. Fotis holds
Dr. Christian Dameff is an Emergency Medicine physician and researcher. He is currently a Clinical Informatics fellow at the University of California San Diego. Published clinical works include post-cardiac arrest care including hypothermia, novel drug targets for acute myocardial infarction patients, ventricular fibrillation waveform analysis, cardiopulmonary resuscitation (CPR) quality and optimization, dispatch-assisted CPR,
Dr. Dameff is also an ethical hacker and security researcher interested in the intersection of healthcare, patient safety, and security. He has spoken at some of the world’s most prominent hacker forums including Defcon, Derbycon, BSides: Las Vegas, and is one of the co-founders of the CyberMed Summit, a novel multidisciplinary conference with an emphasis on medical device and infrastructure
Scott Erven is a managing director with PwC where he leads the medical device security practice. Scott has over 18 years of information security and technology experience with expertise in healthcare and medical device security. He has consulted with the Department of Homeland Security and Food and Drug Administration and advised national policymakers. An internationally respected speaker and researcher, Scott’s research on health care security has been featured in Wired, Forbes, the BBC, and numerous other media outlets worldwide.
Dr. Kevin Fu is Associate Professor of Computer Science & Engineering at the University of Michigan, where he conducts research on computer security and healthcare as part of the National Science Foundation’s Trustworthy Health and Wellness (THAW.org) Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a healthcare cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Kevin has given nearly 100 invited talks on medical device security to industry, government, and academia—including Senate and House hearings, the Institute of Medicine, and National Academy of Engineering events. Beginning with his 2006 security seminar at FDA CDRH, Kevin’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, MIT TR35 Innovator of the Year award, and best paper awards on medical device security by organizations such as IEEE and ACM. Kevin earned a Ph.D., master’s degree, and bachelor’s degree from MIT and he also holds a certificate of achievement in artisanal bread making from the French Culinary Institute.
Lieutenant Colonel, USMC (Retired) Bill Hagestad is the senior principal cyber security engineer for Smiths Medical and an adjunct professor in cybersecurity counterintelligence at Utica College in Syracuse, New York. An internationally registered white hat hacker, Bill is also a recognized authority on the People’s Republic of China’s weaponization of computer and information network systems. He speaks internationally on China’s hegemony in the information age and has written several respected books on Chinese
Director of Product and Engineering Systems Security
Ken Hoyme is the director of product and engineering systems security at Boston Scientific, where he works with internal and external stakeholders to drive and improve processes and practices for pre- and post-market cybersecurity risk management across the company’s products and services. Ken is the co-chair of AAMI’s Device Security Working Group and a member of AAMI’s BI&T Editorial Board. He has been working for 33 years in the design of regulated safety-critical secure systems, which includes 3.5 years at Adventium Labs performing government-funded research on the intersection of safety and security for cyber-physical systems. Prior to joining Adventium Labs, Ken was a senior fellow at Boston Scientific, where he was the systems lead for the development of the LATITUDE Remote Patient Management system.
Director of Software Support and Managed Services
Varian Medical Systems
Ken Khouri is the director of software support and managed services at Varian Medical Systems, the world's leading medical device and software company for treating cancer and other medical conditions with radiotherapy, radiosurgery, proton therapy, and brachytherapy.
Vice President of Sourcing Operations & Support Services
Greg Knapp serves as vice president of sourcing operations with responsibility for Vizient’s business technology and support services contract portfolios. In this role, Greg leads the information technology product contracting, telecommunications, business products/services, environmental services/facilities, laboratory, and food services contract portfolios. His teams are currently focused on integrating the contract portfolios from legacy Novation and legacy MedAssets. Prior to this role, Greg was vice president with responsibility for Novation’s business and technology contract portfolios.
Senior Principal Systems Engineer
Tara is a senior principal systems engineer within the product security group at Medtronic. Tara has over 20 years of security and technology experience and has been focused on medical device security exclusively for the past three years.
Director of Enterprise Cyber Security
Andrew Lancashire is director of enterprise
Jacki Monson is the vice president, chief privacy
Ben Ransford, Ph.D., is co-founder and CEO of Virta Labs, a company that focuses entirely on making approachable tools for cyber security workflows in health care. Ben believes health care cybersecurity needs more empathy and better tools, not snake oil and FUD. He published the first in-depth security analysis of an implantable medical device in 2008 with Kevin Fu and
Senior Vice President and Chief Evangelist
Center for Internet Security (CIS)
Tony Sager is a senior vice president and chief evangelist for the Center for Internet Security (CIS). In this role, Tony leads the development of the CIS Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. He also serves as the director of the SANS Innovation Center, a subsidiary of The SANS Institute. Tony retired from the National Security Agency (NSA) after 34 years as an information assurance professional. He started his career in the Communications Security (COMSEC) Intern
Associate Director for Science & Strategic Partnerships Center for Devices & Radiological Health
Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts that span incident response, increasing awareness, outreach, partnering, policy, and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital-Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business; and she completed the National Preparedness Leadership Initiative at the Harvard School of Public Health & Kennedy School of Government.
Director of Clinical Equipment Systems and Support
Benjamin B. Stock, CBET, is the director of clinical equipment systems and project support for SSM Health—the 10th largest nonprofit health system in the United States. Benjamin has over 15 years of experience in the healthcare technology management field and successfully implemented a system-wide cybersecurity program centered specifically around protecting medical devices. He has
Director of Policy
American Hospital Association
Chantal Worzala, Ph.D., is vice president of health information and policy operations at the American Hospital Association. Her primary area of focus is health information technology (IT) use and policy development. Chantal has more than 20 years of experience in international and domestic health policy and has focused primarily on policy for health IT and related technologies since 2005. She has also been a consultant to providers, patient advocates, and technology companies. Chantal previously served as senior analyst for the Medicare Payment Advisory Commission. She holds a Ph.D. from the Johns Hopkins School of Public Health and an MPA from the Woodrow Wilson School at Princeton University.