Register Now

Early Bird Tickets: $1,230.95
(valid 8/1/18-12/1/18)

Late Registrants: $1,846.45 
(valid 12/2/18-1/11/19)

We are using the Iris Registration platform for this year's conference. Click here for instructions on creating an online account and reserving your spot.

For registration questions, contact the University of Michigan’s Event Services at or 734-764-2000.

Confirmed Speakers and Panelists


AJ Aspinwall
Medical Device Security Specialist
Norton Healthcare


AJ Aspinwall is a Medical Device Security Specialist in clinical engineering at Norton Healthcare in Louisville KY. Norton Healthcare is a hospital delivery organization that is working to develop and implement strategies specifically geared towards network and device security. For the past year, AJ has been spearheading the development of a security risk management program focused exclusively on medical device systems. AJ specializes in mitigating security vulnerabilities without compromising safety or patient care.

 Jonathan Bagnall head shot

jonathan bagnall
Senior Manager, Product Security & Services
Royal Philips Healthcare

Jonathan R. Bagnall is the Sr. Manager, Product Security & Services for Royal Philips Healthcare. Mr. Bagnall has extensive experience in consulting, designing, and implementing cyber-security & risk management programs for fortune 500 companies, conducting operational coordination, information sharing, and collaboration among government and the private sector. In his position as Sr. Manager, Product Security & Services he oversees the communications and client facing support for all products and services, education and global outreach awareness encompassing Critical Internal Stakeholders, Clients, Industry Cyber Engagement (HIMSS 2018, NH-ISAC, MITA, Academy Health) and Federal Government and Regulators.


edward Brennan
Senior Risk Analyst

Edward Brennan is the Senior Risk Analyst for the Health Information Sharing and Analysis Center H-ISAC) headquartered near Kennedy Space Center Florida.  He has served as U.S. Marine Corps Flight Crew - Navigator over a ten-year service career. He has a 27-year career as a Space Shuttle Engineer and Test Conductor serving as well in the performance of Emergency Management functions.

In support of the nation’s Healthcare and Public Health sector cyber-security efforts over the past 5 years, he has been coordinating and collaborating directly with

the healthcare private sector, U.S. Department of Health and Human Services (HHS), U.S. Department of Homeland Security (DHS), and other U.S. Agencies.

Ed’s passion within H-ISAC is fostering information sharing and outreach within the Healthcare and Public Health community and government as well as steering and operational roles in the National Exercise Programs to help improve cyber-resiliency. 

He is a graduate of Embry-Riddle Aeronautical University with a Masters in Aeronautical Science specializing in safety systems and human factors.

penny chase

Information Technology & Cybersecurity Integrator 
MITRE Corporation

Penny Chase is the Information Technology and Cybersecurity Integrator in the Information Technology Technical Center at The MITRE Corporation. She has led MITRE and government-sponsored projects in applying natural language processing to medical device adverse event reports, developing structured representations for malware and threat information, security visualization, software assurance, malware analysis, reverse engineering, software architecture and design pattern recovery, network penetration testing, legacy database encapsulation, machine learning, and discourse-based natural language interfaces. Penny currently supports MITRE’s FDA/CDRH project on medical device cybersecurity (leading the effort to develop a Common Vulnerability Scoring System rubric tailored to medical devices). Previously, she was Principal Investigator of the Sharing Healthcare Fraud Data MITRE Sponsored Research project; led the Malware Attribute Enumeration Characterization (MAEC) project for DHS; served as the Deputy Director of the ARDA Northeast Regional Research Center, managing workshops that addressed Intelligence Community challenge problems; and was a member of the NASA Advisory Council’s subcommittee on Avionics, Software, and Cybersecurity. Penny received her master's degrees in the History of Science and Computer Science from Harvard University.


Seth carmody
Cybersecurity Program Manager
Bio coming soon

Christian Dameff
Emergency Medicine Physician and Researcher

Dr. Christian Dameff is an Emergency Medicine physician and researcher. He is currently a Clinical Informatics fellow at the University of California San Diego. Published clinical works include post-cardiac arrest care including hypothermia, novel drug targets for acute myocardial infarction patients, ventricular fibrillation waveform analysis, cardiopulmonary resuscitation (CPR) quality and optimization, dispatch-assisted CPR, tele-toxicology and medical education topics using Google Glass.

Dr. Dameff is also an ethical hacker and security researcher interested in the intersection of healthcare, patient safety, and security. He has spoken at some of the world’s most prominent hacker forums including DEFCON, Blackhat, RSA, Derbycon, and is one of the co-founders of the CyberMed Summit, a novel multidisciplinary conference with an emphasis on medical device and infrastructure cyber security. Published security topics include hacking 911 systems, HL7 messaging vulnerabilities, and malware's effects on patient care.



Kevin Fu Headshot

Kevin Fu
Founder and Chief Scientist

Dr. Kevin Fu is Associate Professor of Computer Science & Engineering at the University of Michigan, where he conducts research on computer security and healthcare as part of the National Science Foundation’s Trustworthy Health and Wellness ( Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a healthcare cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Kevin has given nearly 100 invited talks on medical device security to industry, government, and academia—including Senate and House hearings, the Institute of Medicine, and National Academy of Engineering events. Beginning with his 2006 security seminar at FDA CDRH, Kevin’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, MIT TR35 Innovator of the Year award, and best paper awards on medical device security by organizations such as IEEE and ACM. Kevin earned a Ph.D., master’s degree, and bachelor’s degree from MIT and he also holds a certificate of achievement in artisanal bread making from the French Culinary Institute.


Bill hagestad II
Senior Principal Cyber Security Engineer
 Bio coming soon



Dr. Suraj Kapa
Mayo Clinic

Bio coming soon

Anthony McCabe Headshot
Anthony mccabe
Associate Director of Clinical Engineering Services
Ohio State University Wexner Medical Center

Anthony McCabe is the Associate Director of Clinical Engineering Services for The Ohio State University Wexner Medical Center. Mr. McCabe oversees the Medical Equipment Management of Biomedical and Radiation Therapy devices at the large Academic Medical located in Central Ohio. With his 17+ years experience in Medical and Industrial equipment support and maintenance, it has allowed him to be involved at multiple levels ranging from the procurement, planning, design, implementation of a vast landscape of equipment and to maintain full engagement all the way through the entirety of the life cycle process.

Anthony earned his Master of Business Operational Excellence in Healthcare and Lean Six Sigma Black Belt from the Fisher College of Business from The Ohio State University, MBA from Keller Graduate School of Management, and Bachelor’s in Biomedical Engineering Technology from DeVry. Anthony also serves as a board member for the Ohio Healthcare Technology Management, HTMA-OH, and the Radiation Therapy Engineers’ Associations.



colin morgan
Director of Product Security
Johnson & Johnson
Colin Morgan, Director of Product Security at Johnson & Johnson, is responsible for leading the company’s Global Product Security Program. The Product Security Team’s mission is to ensure all products of the Johnson & Johnson Family of Companies are built on Cybersecurity best practices and Cybersecurity Risks in marketed products are properly managed to support customer’s safety and security. Colin has worked in the Cybersecurity field for a number of organizations including the Central Intelligence Agency and as a contractor for the National Oceanic & Atmospheric Administration. He is a featured speaker on Cybersecurity and is passionate about the integration of the competency across all industries. Colin has his Bachelor’s degree in Computer Engineering from The College of New Jersey, a Master’s degree in Telecommunications from George Mason University, and is CISSP, CISM and GPEN certified. 


Jay Radcliff, CISSP
Cyber Security Researcher
Thermo Fisher Scientific

Jay Radcliffe (CISSP) has been working in the computer security field for over 20 years. Coming from the managed security services industry as well as the security consultation field, Jay has helped organizations of every size and vertical secure their networks and data. Jay presented ground-breaking research on security vulnerabilities in multiple medical devices and was featured on national television as an expert on medical device cyber-security. As a Type I diabetic, Jay brings a lifetime of being a patient to helping medical facilities secure their critical data without compromising patient care. Not only is Jay a prolific public speaker, but also works with legal firms on expert witness consultation related to IoT and cyber security issues. Jay holds a Master's degree in Information Security Engineering from SANS Technology Institute, as well as a Bachelor's degree in Criminal Justice/Pre-Law from Wayne State University. SC Magazine named him one of the Top Influential IT Security Thinkers in 2013.



Matt Russo
Matt Russo
Senior Director of Product Security

Matt Russo is the Senior Director of Product Security for Medtronic, which is among the world’s largest medical technology, services and solutions companies. Matt leads the Global Device Security Program, helping to ensure Medtronic products and solutions remain safe and secure for patients and customers. He is focused on the evolving device security landscape and how Medtronic can respond and assist in shaping next generation products by offering governance, testing, assurance, and preparedness services to his various R&D partners across the organization. Matt collaborates with cross functional teams to develop common standards and processes, manages and mitigates product security risk, and engages with critical external partners, with the goal of enhancing and evolving Medtronic’s Device Security Program while supporting the Mission of alleviating pain, restoring health, and extending life.


Suzanne Schwartz

Associate Director for Science & Strategic Partnerships Center for Devices & Radiological Health

Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts that span incident response, increasing awareness, outreach, partnering, policy, and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital-Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business; and she completed the National Preparedness Leadership Initiative at the Harvard School of Public Health & Kennedy School of Government.


Hans-martin von Stockhausen
Senior Product Manager Cybersecurity
Siemens Healthineers

Dr. Hans-Martin von Stockhausen holds a position as Sr. Product Manager Cybersecurity at Siemens Healthineers. In this position he leads the company in developing the security requirements for all products gathered from international regulations and customers around the globe. Inside the Siemens security community, he leads a team that that works on improving and maintaining the security posture of products and security related customer communication. He has extensive domain knowledge from 20+ years of work experience in the medical device industry holding various positions throughout the product lifecycle from SW developer to SW platform architect. In the last seven years, his focus has been on cyber security while holding a position as product security officer for medical IT systems and image acquisition devices. Hans-Martin participates in expert workshops held by European and internationally recognized organizations.



timothy walsh, CISSP
Principal Information Security Analyst
Mayo Clinic

Tim Walsh is a Principal Information Security Analyst at Mayo Clinic. Mr. Walsh performs security design analysis of medical devices and consults with multidisciplinary teams to implement secure and effective environments to promote quality health care. Prior to this role, Tim spent nearly 20 years in Information Technology developing web based and desktop applications while leading teams in the delivery of IT solutions in a clinical treatment environment.



Keith Whitby
Healthcare Technology Management (HTM) Section Head
Mayo Clinic

Bio coming soon

Invited Expert

Anita Finnegan
Nova Leah


Anita Finnegan is the CEO of Nova Leah, the first provider of intelligent software solutions for addressing cybersecurity risk management compliance requirements for connected medical devices. She is an internationally recognized expert in the field of medical device cybersecurity risk management and is an active member of a number of International Standards Communities and taskforces developing best practices for medical device cybersecurity . Her PhD research focused on developing an assurance framework to assist medical device manufacturers demonstrate confidence in the security of connect devices. Anita authored and was the international project leader for two technical reports (IEC/TR 80001-2-8 and IEC/TR 80001-2-9) and is now the security lead for the revision of ISO/IEC 80001-1. She represents NSAI as Ireland’s medical device security expert at International Standards meetings


Camilla mal0wanski
Product Cybersecurity Engineer

Camilla is an emerging cybersecurity engineer with product development experience across a broad range of medical systems: implanted devices, patient monitoring, capital equipment, and networked-connected systems. She is versed in security risk assessments, security- and privacy-by-design engineering, security design validation, and the design challenges facing hospital-integrated medical systems. Camilla holds a biomedical engineering bachelor’s degree from Marquette University and has been with Medtronic’s Cardiac Rhythm Heart Failure division since June 2016.


Gnanaprakasam Pandian
Co-founder and Chief Product Officer

Pandian has more than 20 years of product and engineering leadership experience and is also a serial entrepreneur. Before founding CloudPost, he was the Chief Development Officer at Aruba, responsible for all of engineering and product management functions. Aruba, an enterprise mobile wireless company, was acquired by HPE for $3 Billion in March 2015. Before Aruba, Pandian served as the head of engineering for Cisco’s multi-billion-dollar Wi-Fi business unit and before that as VP of engineering for low-end switching product lines. He graduated with a master’s degree in Electrical Engineering from IIT, Chennai, India and holds several patents to his credit in various networking technologies.


Sagar Patel
Cybersecurity Lead

Sagar Patel is CyberSecurity lead for Battelle’s DeviceSecure® Services, which is aimed towards helping medical device manufacturers identify and resolve potential cyber security threats at various stages of product development. Apart from working with device manufacturers, he is also responsible for development of new testing tool-sets, conducting research into novel penetration testing techniques, and collaborating with software engineering teams for security aspects of internal product development. He is a voting member of the AAMI Device Security working group, contributing to security guidance and standards for medical devices. Sagar holds a Bachelor's degree and a Master's degree in Electrical & Computer Engineering from Nirma University and Drexel University respectively.



sTeven T. Sciavolino
Supervisory Special Agent
Mission Critical Engagement Unit
Federal Bureau of Investigation

Supervisor Special Agent (SSA) Steven Sciavolino has been an FBI Agent for 15 years. He began his career working criminal cybercrimes in the San Francisco Field Office.  SSA Sciavolino received a cyber specialty transfer to the Norfolk Field Office where he then focused on National Security cybercrimes. After transferring to FBIHQ he worked in the Engineering Research Facility for five years focusing on various projects associated with technical collections for investigations. More recently, SSA Sciavolino transferred to the Cyber Division at FBIHQ where he focuses on relationships with Healthcare, Government Facilities and Emergency Services companies and government organizations.