Get direct access to leading security experts who will teach you how to identify, prevent, and recover from
Session Speakers & Panelists
Bill Aerts is the recently retired Director of Product Security within Medtronic’s Global Privacy and Security Office. In this role, Bill accounted for the company-wide Global Product Security Program, which brings together product R&D functions, security subject matter experts, and business unit and corporate leadership throughout the company to continually improve security and privacy in the devices, systems, and services that Medtronic sells. Throughout his 30+ years working in security roles, Bill has created and championed information and product security programs in the insurance, transportation, retail, and healthcare industries. Bill received his bachelor’s degree from the University of Wisconsin and holds CISSP and CISM certifications.
BioMérieux’s R&D draws on more than a century of expertise in infectious disease management and a unique mastery of the three core technologies required for developing in vitro diagnostics. Chris is tasked with cybersecurity activities to protect medical devices produced by bioMérieux.
Mr. Carpenter is Chief Engineer and co-owner of Adventium Labs. His areas of expertise include engineering high-value, real-time, fault-tolerant, and secure systems in space, military and commercial avionics, medical, and petrochemical domains. His expertise spans detailed hardware and software design, architecture development, systems design, and specification, as well as tools, standards, and processes for enhancing design flows. Current activities include developing architectures for safe and secure medical devices and developing fault management techniques and remote dynamic attestation for distributed systems. Mr. Carpenter leads Adventium's risk assessment and management services, which evaluates, and teaches how to evaluate,
Stephanie Domas, PE, CEH
Lead Medical Security Engineer
Battelle DeviceSecure Services
Stephanie (Preston) Domas is Lead Security Engineer for Battelle’s DeviceSecure®Services. In this role, she is responsible for the design, architecture, verification, and execution of security best practices in the development of new medical devices as well as the testing and cybersecurity risk mitigation of legacy systems. Battelle has current active cybersecurity design and testing programs with many of the world’s largest medical device manufacturers.
Ms. Domas is an invited active member of the Association for the Advancement of Medical Instrumentation (AAMI)-UL Joint Committee 2800 - Medical / health device communication standards, the UL 2900 working group, and AAMI TIR 57 – Principles for medical device information security risk management . Ms. Domas has expertise in firmware reverse engineering (x86, x86_64, MIPS, 8051), penetration testing, application fuzzing, as well as application development (C/C++). Ms. Domas is a registered Professional Engineer (PE) in the state of Ohio, and a Certified Ethical Hacker (CEH). She has been published and widely quoted on medical cybersecurity topics in Journal of mHealth, MedDeviceOnline, MD+DI, FDANews, MassDevice, Reuters, The Hill, Neurotech Reports, Healthegy, Today’s Medical Developments, and Medical Design and Outsourcing. She has spoken at events for MassMEDIC, AdvaMed, and the Neurotech Leaders Forum and delivered technical webinars focused on cybersecurity best practices for medical device manufacturers for AAMI and FDANews. In addition, Ms. Domas serves as an adjunct faculty member at the Ohio State University College of Computer Engineering.
Distinguished Member of Technical Staff, Principal Engineer for Medical Software & Systems Interoperability
Anura holds degrees in Electrical Engineering, Biology/Chemistry, and Software Engineering and has over 19 years of experience at UL with safety critical software and control systems certification and has also conducted research across multiple application domains – industrial automation, alternative energy, medical, hazardous locations, appliances, optical radiation, nanotechnology, battery technologies, etc. He has been involved in the development of Safety Science and generated publications in Predictive Modeling and Risk Analysis, Cybersecurity, Systems of Systems, Software, Health IT, Apps, and Medical Device safety. Anura has been engaged in projects with numerous Fortune 500 companies, DoD, DoE, DHS, FDA, FCC, ONC, NASA, and several U.S. National Laboratories. He has contributed to the development of several standards involving software and Functional Safety as a member
Kevin Fu, Ph.D
Computer Science & Engineering
University of Michigan
Dr. Kevin Fu is Associate Professor of Computer Science & Engineering at the University of Michigan, where he conducts research on computer security and healthcare as part of the National Science Foundation’s Trustworthy Health and Wellness (THAW.org) Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded
Director, Product and Engineering Systems Security
Mr. Hoyme has over 30 years experience in the design and development of safety-critical, real-time, fault-tolerant and secure systems in a variety of regulated domains, including medical systems, commercial and military avionics, industrial automation and space systems. He is a recognized expert in the field of systems engineering.
Mr. Hoyme is the co-chair of the AAMI Device Security working group, which is developing guidance for the application of medical safety risk standard ISO 14971 to security risk management and serves on AAMI’s Systems Engineering Advisory Board.
Prior to joining Boston Scientific, Mr. Hoyme was a Distinguished Scientist at Adventium Labs. He was previously a Senior Fellow at Boston Scientific where he was the systems lead for the development of the LATITUDE Remote Patient Management system. He was also the technical focal for developing standards for interconnecting implantable cardiac device data to electronic medical records systems.
Prior to joining Boston Scientific, Ken spent 18 years at Honeywell’s Corporate Research lab, where he was a Senior Fellow in their real-time computer systems group. He was awarded the H.W. Sweatt Award, Honeywell’s highest technical recognition for his work on the Boeing 777.
Ken has been granted 27 US patents. He is a member of IEEE and INCOSE. He received the Bachelors and Masters Degrees in Electrical Engineering from the University of Minnesota.
Director of Information Security, Spectrum Health
At Spectrum Health, Jim is responsible for the information security architecture, engineering, and operations teams which includes project architecture and engineering alignment, vulnerability management, and incident detection and response.
Spectrum Health is a not-for-profit health system, based in West Michigan, offering a full continuum of care through the Spectrum Health Hospital Group, which is comprised of 12 hospitals, including Helen DeVos Children’s Hospital; about 180 ambulatory and service sites; about 3,200 physicians and advanced practice providers, including about 1,400 members of the Spectrum Health Medical Group; and Priority Health, a health plan with about 795,000 members. Spectrum Health is West Michigan’s largest employer, with 25,400 employees.
Kevin McDonald, BSN, ME-PD, CISSP
Director, Clinical Information Security
Office of Information Security
Kevin McDonald has over 35 years of healthcare experience in various roles. He holds degrees in Nursing, Education and Information Systems. His work experience includes direct patient care, management, electronic medical record implementation, and information technology and security. Kevin’s current role at Mayo Clinic is Director of Clinical Information Security in the Office of Information Security, with one of his primary responsibilities being the security of medical devices.
Suzanne Schwartz, MD, MBA
Associate Director for Science and Strategic Partnerships, FDA CDRH
Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts that span incident response, increasing awareness, outreach, partnering, policy, and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital-Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business; and she completed the National Preparedness Leadership Initiative at the Harvard School of Public Health & Kennedy School of Government.
Zach Rothstein, JD
Associate Vice President, Technology and Regulatory Affairs
Zach Rothstein is Associate Vice President for Technology & Regulatory Affairs at the Advanced Medical Technology Association (AdvaMed). In this position, Zach advocates for fair, efficient, and effective regulatory policies for medical devices. In particular, Zach’s efforts are primarily focused on digital health, software, cybersecurity, labeling, and postmarket surveillance. Prior to joining AdvaMed, Zach was Deputy Senior Counsel for Public Policy, at Samsung Electronics, where he was responsible for the company’s medical device and healthcare regulatory and policy issues. Zach was previously an Attorney in the FDA and Healthcare practice at the law firm of Morgan, Lewis & Bockius LLP.
Deputy Director of the Cyber Statecraft Initiative
Beau Woods is the deputy director of the Cyber Statecraft Initiative in the Brent Scowcroft on International Security. His focus is the intersection of cyber security and the human condition, primarily around Cyber Safety. This comes out of his work on the I Am The Cavalry civil society initiative, ensuring the connected technology that can impact life and safety is worthy of our trust. Over the past several years in this capacity, he has consulted with automakers, medical device manufacturers, healthcare providers, cyber security researchers, US federal agencies and legislative staff, and the White House. Prior to joining the Atlantic Council, Beau founded the security consultancy, Stratigos Security, to advise large enterprises, small business, and NGOs on information security strategy and development. Prior to that, Beau spent five years with Dell SecureWorks, where he advised commercial clients on information security and built up the security consulting services practice. Beau is a frequent presenter, media contributor, and author, and graduated from the Georgia Institute of Technology with a BS in psychology.