Register Now arrow

Get direct access to leading security experts who will teach you how to identify, prevent, and recover from cybersecurity attacks.

Session Speakers & Panelists


Bill Aerts
Archimedes Co-Chair & Retired Medtronic Director of Product Security

Bill Aerts is the recently retired Director of Product Security within Medtronic’s Global Privacy and Security Office. In this role, Bill accounted for the company-wide Global Product Security Program, which brings together product R&D functions, security subject matter experts, and business unit and corporate leadership throughout the company to continually improve security and privacy in the devices, systems, and services that Medtronic sells. Throughout his 30+ years working in security roles, Bill has created and championed information and product security programs in the insurance, transportation, retail, and healthcare industries. Bill received his bachelor’s degree from the University of Wisconsin and holds CISSP and CISM certifications.

Chris Bitza
US R&D Cybersecurity Leader

BioMérieux’s R&D draws on more than a century of expertise in infectious disease management and a unique mastery of the three core technologies required for developing in vitro diagnostics. Chris is tasked with cybersecurity activities to protect medical devices produced by bioMérieux.

Todd Carpenter
Chief Engineer & Owner
Adventium Enterprises


Mr. Carpenter is Chief Engineer and co-owner of Adventium Labs. His areas of expertise include engineering high-value, real-time, fault-tolerant, and secure systems in space, military and commercial avionics, medical, and petrochemical domains. His expertise spans detailed hardware and software design, architecture development, systems design, and specification, as well as tools, standards, and processes for enhancing design flows.  Current activities include developing architectures for safe and secure medical devices and developing fault management techniques and remote dynamic attestation for distributed systems. Mr. Carpenter leads Adventium's risk assessment and management services, which evaluates, and teaches how to evaluate, security risk for cyber physical systems and products in medical, avionics, and industrial domains.



Stephanie Domas, PE, CEH
Stephanie Domas, PE, CEH

Lead Medical Security Engineer
Battelle DeviceSecure Services

Stephanie (Preston) Domas is Lead Security Engineer for Battelle’s DeviceSecure®Services. In this role, she is responsible for the design, architecture, verification, and execution of security best practices in the development of new medical devices as well as the testing and cybersecurity risk mitigation of legacy systems. Battelle has current active cybersecurity design and testing programs with many of the world’s largest medical device manufacturers.

Ms. Domas is an invited active member of the Association for the Advancement of Medical Instrumentation (AAMI)-UL Joint Committee 2800 - Medical / health device communication standards, the UL 2900 working group, and AAMI TIR 57 – Principles for medical device information security risk management . Ms. Domas has expertise in firmware reverse engineering (x86, x86_64, MIPS, 8051), penetration testing, application fuzzing, as well as application development (C/C++). Ms. Domas is a registered Professional Engineer (PE) in the state of Ohio, and a Certified Ethical Hacker (CEH). She has been published and widely quoted on medical cybersecurity topics in Journal of mHealth, MedDeviceOnline, MD+DI, FDANews, MassDevice, Reuters, The Hill, Neurotech Reports, Healthegy, Today’s Medical Developments, and Medical Design and Outsourcing. She has spoken at events for MassMEDIC, AdvaMed, and the Neurotech Leaders Forum and delivered technical webinars focused on cybersecurity best practices for medical device manufacturers for AAMI and FDANews. In addition, Ms. Domas serves as an adjunct faculty member at the Ohio State University College of Computer Engineering.

Anura Fernando

Distinguished Member of Technical Staff, Principal Engineer for Medical Software & Systems Interoperability

Anura holds degrees in Electrical Engineering, Biology/Chemistry, and Software Engineering and has over 19 years of experience at UL with safety critical software and control systems certification and has also conducted research across multiple application domains – industrial automation, alternative energy, medical, hazardous locations, appliances, optical radiation, nanotechnology, battery technologies, etc.  He has been involved in the development of Safety Science and generated publications in Predictive Modeling and Risk Analysis, Cybersecurity, Systems of Systems, Software, Health IT, Apps, and Medical Device safety.  Anura has been engaged in projects with numerous Fortune 500 companies, DoD, DoE, DHS, FDA, FCC, ONC, NASA, and several U.S. National Laboratories.  He has contributed to the development of several standards involving software and Functional Safety as a member in IEC, ISO, ASME committees and served as an IECEE Expert Task Force member.  Anura currently has global responsibility for medical device software certification at UL and serves as UL’s technical lead for the development of the AAMI/UL 2800 family of standards for interoperable medical device safety and platform security, and the UL 2900-2-1 product testing focused cybersecurity standard for healthcare, which are also part of the VA-UL Cybersecurity CRADA.  He has served as a member of the Department of Health and Human Services Cybersecurity Task Force, the Federal Advisory Committee FDA Safety and Innovation Act (FDASIA) WG, FDA Medical Device Interoperability Coordinating Council, Medical Device Interoperability Safety Working Group, NIH QMDI Program Advisory Committee, NIH PRISM Industry Expert Committee, the Association for the Advancement of Medical Instrumentation, HIMSS, and the International Council on Systems Engineering, along with IEC and ISO where he has been involved with a number of functional safety, interoperability-, and security-related committees.

Kevin Fu, Ph.D
Kevin Fu, Ph.D

Associate Professor
Computer Science & Engineering
University of Michigan

Dr. Kevin Fu is Associate Professor of Computer Science & Engineering at the University of Michigan, where he conducts research on computer security and healthcare as part of the National Science Foundation’s Trustworthy Health and Wellness ( Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a healthcare cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Kevin has given nearly 100 invited talks on medical device security to industry, government, and academia—including Senate and House hearings, the Institute of Medicine, and National Academy of Engineering events. Beginning with his 2006 security seminar at FDA CDRH, Kevin’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, MIT TR35 Innovator of the Year award, and best paper awards on medical device security by organizations such as IEEE and ACM. Kevin earned a Ph.D., master’s degree, and bachelor’s degree from MIT and he also holds a certificate of achievement in artisanal bread making from the French Culinary Institute.

Ken Hoyme

Director, Product and Engineering Systems Security
Boston Scientific

Mr. Hoyme has over 30 years experience in the design and development of safety-critical, real-time, fault-tolerant and secure systems in a variety of regulated domains, including medical systems, commercial and military avionics, industrial automation and space systems. He is a recognized expert in the field of systems engineering.

Mr. Hoyme is the co-chair of the AAMI Device Security working group, which is developing guidance for the application of medical safety risk standard ISO 14971 to security risk management and serves on AAMI’s Systems Engineering Advisory Board.

Prior to joining Boston Scientific, Mr. Hoyme was a Distinguished Scientist at Adventium Labs. He was previously a Senior Fellow at Boston Scientific where he was the systems lead for the development of the LATITUDE Remote Patient Management system. He was also the technical focal for developing standards for interconnecting implantable cardiac device data to electronic medical records systems.

Prior to joining Boston Scientific, Ken spent 18 years at Honeywell’s Corporate Research lab, where he was a Senior Fellow in their real-time computer systems group. He was awarded the H.W. Sweatt Award, Honeywell’s highest technical recognition for his work on the Boeing 777.

Ken has been granted 27 US patents. He is a member of IEEE and INCOSE. He received the Bachelors and Masters Degrees in Electrical Engineering from the University of Minnesota.

Jim Kuiphof

Director of Information Security, Spectrum Health

At Spectrum Health, Jim is responsible for the information security architecture, engineering, and operations teams which includes project architecture and engineering alignment, vulnerability management, and incident detection and response.

Spectrum Health is a not-for-profit health system, based in West Michigan, offering a full continuum of care through the Spectrum Health Hospital Group, which is comprised of 12 hospitals, including Helen DeVos Children’s Hospital; about 180 ambulatory and service sites; about 3,200 physicians and advanced practice providers, including about 1,400 members of the Spectrum Health Medical Group; and Priority Health, a health plan with about 795,000 members. Spectrum Health is West Michigan’s largest employer, with 25,400 employees.

Kevin McDonald, BSN, ME-PD, CISSP
Kevin McDonald, BSN, ME-PD, CISSP

Director, Clinical Information Security
Office of Information Security
Mayo Clinic

Kevin McDonald has over 35 years of healthcare experience in various roles. He holds degrees in Nursing, Education and Information Systems. His work experience includes direct patient care, management, electronic medical record implementation, and information technology and security. Kevin’s current role at Mayo Clinic is Director of Clinical Information Security in the Office of Information Security, with one of his primary responsibilities being the security of medical devices.

Suzanne Schwartz, MD, MBA

Associate Director for Science and Strategic Partnerships, FDA CDRH

Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts that span incident response, increasing awareness, outreach, partnering, policy, and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital-Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business; and she completed the National Preparedness Leadership Initiative at the Harvard School of Public Health & Kennedy School of Government.

Zach Rothstein, JD

Associate Vice President, Technology and Regulatory Affairs

Zach Rothstein is Associate Vice President for Technology & Regulatory Affairs at the Advanced Medical Technology Association (AdvaMed). In this position, Zach advocates for fair, efficient, and effective regulatory policies for medical devices. In particular, Zach’s efforts are primarily focused on digital health, software, cybersecurity, labeling, and postmarket surveillance. Prior to joining AdvaMed, Zach was Deputy Senior Counsel for Public Policy, at Samsung Electronics, where he was responsible for the company’s medical device and healthcare regulatory and policy issues. Zach was previously an Attorney in the FDA and Healthcare practice at the law firm of Morgan, Lewis & Bockius LLP.


Beau Woods

Deputy Director of the Cyber Statecraft Initiative
Atlantic Council

Beau Woods is the deputy director of the Cyber Statecraft Initiative in the Brent Scowcroft on International Security. His focus is the intersection of cyber security and the human condition, primarily around Cyber Safety. This comes out of his work on the I Am The Cavalry civil society initiative, ensuring the connected technology that can impact life and safety is worthy of our trust. Over the past several years in this capacity, he has consulted with automakers, medical device manufacturers, healthcare providers, cyber security researchers, US federal agencies and legislative staff, and the White House. Prior to joining the Atlantic Council, Beau founded the security consultancy, Stratigos Security, to advise large enterprises, small business, and NGOs on information security strategy and development. Prior to that, Beau spent five years with Dell SecureWorks, where he advised commercial clients on information security and built up the security consulting services practice. Beau is a frequent presenter, media contributor, and author, and graduated from the Georgia Institute of Technology with a BS in psychology.