.png?width=1500&height=500&name=2025%20final%20HSW%20banner%20(1).png)
David brumley
ForAllSecure
David Brumley is the CEO of ForAllSecure and a full professor at Carnegie Mellon University. His research focuses on novel program analysis and verification techniques that prove the presence of bugs and vulnerabilities. He has published numerous academic papers, won several test-of-time and achievement awards, competed and won the DARPA Cyber Grand Challenge, and holds a black badge. ForAllSecure created Mayhem to bring the same technology used by the world’s best hackers into commercial software development pipelines.
CDr. TJ ChristL
Department of Health and Human Services’ (HHS) Administration for
Strategic Preparedness and Response (ASPR). CIP executes the Sector Risk Management
Agency (SRMA) responsibilities for the Healthcare and Public Health (HPH) Sector
On behalf of HHS, CDR Christl is promoting resilience of the nation’s health infrastructure by leading a dynamic public-private partnership, drawing from all aspects of the Sector, to prepare for future threats, manage risks, and coordinate effective response. As the Director of CIP, CDR Christl leads the SRMA activities and serves as the permanent Co-Chair of the HPH Sector’s Government Coordinating Council.
Prior to joining CIP in 2019, CDR Christl spent 16 years with the Food and Drug Administration as a project manager, emergency coordinator, and most recently the Director of the Office of Drug Security, Integrity and Response where he oversaw strategic and operational activities supporting global pharmaceutical supply chain
integrity including imports, exports, recalls and the detection and prevention of and response to counterfeit or otherwise illegitimate drugs in the U.S. pharmaceutical supply chain.
In his capacity within the Commissioned Corps of the US Public Health Service, CDR Christl had deployed to public health disaster responses on numerous occasions including COVID-19, Hurricanes Irma and Maria, and to the Monrovia Medical Unit Ebola Treatment Unit outside of Monrovia, Liberia. CDR Christl earned Bachelors in Science in Biology and Marine Science from the University of Miami, his M.S. in Biomedical Sciences from the Medical University of South Carolina and his M.S. in Organizational Leadership at Johns Hopkins University.
Kevin Fu
Former Acting Director, US FDA CDRH Medical Device Security
Kevin Fu is credited for establishing the field of medical device security beginning with the 2008 IEEE paper on defibrillator security.
Kevin is a former MIT Technology Review TR35 Innovator of the Year and Fellow of the AAAS, ACM, and IEEE. He has testified in the House and Senate on matters of information and medical device security and has written commissioned work on trustworthy medical device software for the Institute of Medicine of the National Academies. He was a member of NIST Information Security and Privacy Advisory Board, the CRA Computing Community Consortium Council, and the ACM Committee on Computers and Public Policy. He received the Dr. Dwight E. Harken Memorial Lecturer Award from the Association for the Advancement of Medical Instrumentation (AAMI) for his leadership on medical device security standardization.
gREG GARCIA
Greg Garcia is the Executive Director of the Health Sector Coordinating Council Cybersecurity Working Group, the government-recognized critical infrastructure industry advisory council of more than 400 healthcare providers, pharmaceutical and medtech companies, payers and health IT entities partnering with government to identify and mitigate cyber threats to health data and research, systems, manufacturing
and patient care.
Greg was appointed by President George W. Bush as the nation's first Assistant Secretary for Cybersecurity and Communications for the U.S. Department of Homeland Security.
executive positions in healthcare, financial services, high technology and the United States Congress.
Greg is a 2024 recipient of the Baldrige Foundation Award for Leadership Excellence in Cybersecurity.
aNDREw Ginter
Waterfall Security Solutions
At Waterfall Security, Andrew leads a team of experts who work with the world's most secure industrial enterprises, focused on manufacturing, heavy industry, critical industrial infrastructures, and building automation.
ERic Henry
King & Spalding
Eric Henry is a 35+ year veteran leading global technical and regulatory compliance organizations, with a particular focus on medical device software design controls.
He currently works in the FDA & Life Sciences Practice of the law firm King & Spalding, where he provides advisory and management consulting services focused on regulatory compliance, enforcement, and policy matters involving industries regulated by the FDA and other global life sciences regulatory competent authorities. He also advises corporate management, boards, and staff concerning their responsibilities, regulatory expectations, and how to navigate through compliance and enforcement complexities during crisis events.
jack kufahL
Michigan Medicine
Jack Kufahl is the Chief Information Security Officer for Michigan Medicine at the University of Michigan, one of the nation’s top academic medical centers that brings together world-class experts from research, patient care, and education to make groundbreaking discoveries that create life-changing medicine.
He has over 20 years of experience in information technology, primarily in leadership roles. He is one of the incorporating officers of the Michigan Healthcare Cybersecurity Council and is a current board member. The MiHCC is a public-private partnership in the State of Michigan and the healthcare industry supporting the citizens, patients, workforce , and students of Michigan. MiHCC seeks to protect the critical healthcare infrastructure and institutions of Michigan by providing relevant knowledge, meaningful relationships, and information security services to the partnering individuals, agencies, organizations , and vendors. Jack is also a graduate of the esteemed FBI CISO Academy and has completed the Masters of Legal Studies program with a concentration in compliance law at Washington University in St Louis.
As the Chief Information Security Officer, he is currently responsible for planning, developing, implementing, and maintaining the Michigan Medicine information assurance program. He directs all information assurance activities across the academic medical center to ensure the confidentiality, integrity, and availability of electronic information resources critical to the tripartite mission of patient care, research, and education at Michigan Medicine.
brian mazanec
Brian Mazanec is a Deputy Assistant Secretary and Director of the U.S. Department of Health and Human Services (HHS) Coordination Operations and Response Element (H-CORE) within the Administration for Strategic Preparedness and Response (ASPR). H-CORE was born out of Operation Warp Speed-- the COVID-19 medical countermeasures response led by HHS and the Department of Defense which transitioned to ASPR in 2021. H-CORE'ss mission today is to lead and enable agile, data-driven operational coordination, logistics readiness, and scalable response for public health emergencies and disasters, including infectious disease outbreaks and cyber attacks. Prior to his current role, Brian served as Deputy Director of the ASPR Center for Preparedness and the Deputy Assistant Secretary for Security, Intelligence, and Information Management.
Prior to joining ASPR, Brian served at the U.S. Government Accountability Office (GAO), where he was the senior executive responsible for leading the agency’s Strategic Warfare and Intelligence portfolio. He led and managed numerous teams evaluating a variety of national security programs and activities related to biological and other emerging threats; intelligence community management; security and counterintelligence; sensitive activities and programs; personnel vetting; and space policy and operations. Brian also previously worked on Weapons of Mass Destruction (WMD) issues at the Defense Intelligence Agency, Office of the Deputy Assistant Secretary of Defense for Nuclear Matters, and the Joint Staff J5 Combating WMD directorate.
Brian received his Ph.D. in Biodefense from George Mason University’s Schar School of Policy and Government and holds a B.A. in political science from the University of Richmond and a M.S. in defense and strategic studies from Missouri State University’s Department of Defense and Strategic Studies. In addition to his work in government, Brian’s teaches graduate level courses at several local universities, and he has authored or co-authored multiple academic books on cyber issues. He lives in Falls Church, Virginia with his wife and four children.
nimi ocholi
BD
Nimi is the Vice President, Research & Development, Product Security at BD. Nimi leads the team of Product Security Officers focused on implementing security by design, security in use and product end of life strategies across BD’s portfolio of software-based products. He is responsible for establishing clear product security process/technology expectations and enabling increased product security maturity.
Prior to joining BD, Nimi was Senior Director for Product Security & Technical Fellow at Medtronic and has more than 18 years of experience in the Medical Device Industry. He previously assisted the Cardiac Rhythm Management and Neuromodulation businesses in managing ongoing challenges related to Product Security. He is involved in several external forums including the Health Sector Coordinating Council - Joint Cybersecurity Working Group.
Nimi earned his BS and MEng degrees from the Massachusetts Institute of Technology and security training from the SANS Institute.
Bill Reid
Google Cloud
Bill is a member of Google Cloud’s Office of the Chief Information Security Officer (CISO), where he advises Health and Life Sciences customers on ways to achieve their business goals while adopting a high security bar.
Prior to Google, he was VP and Chief Security Officer for National Resilience, a bio-manufacturing company, where he established and ran the Security and Privacy organization, including physical, IT, and OT/ICS systems. Before Resilience, Bill was the CISO for Amazon Care, a telemedicine and in person care service. Also at AWS, Bill led the AWS Security Solution Architecture team. Earlier, Bill held CISO roles at healthcare technology and medical device companies, and was Director of Product Management for Microsoft’s Health Solutions Group and member of their Trustworthy Computing initiative.
Bill began his career in healthcare administration for Group Health Cooperative (now Kaiser). He has a Masters from Tufts University and Bachelors from the University of Pennsylvania.
Naomi Schwartz
Medcrypt Inc.
Naomi is the Vice President of Services at Medcrypt, a medical device cybersecurity specialty firm. She is a former premarket reviewer and consumer safety officer at FDA’s CDRH, with 6.5 years of expertise in software, cybersecurity, interoperability, and wireless coexistence for connected diabetes devices. She was the recipient of multiple awards at the FDA, including 5 Commissioner’s Special Citations, for outstanding service, group achievements, customer service excellence, and plain language communication at CDRH. Naomi has been recognized as a team recipient of the Samuel J. Heyman Service to America Medals for Management Excellence.
Prior to her time at FDA, Naomi spent 15 years as a defense contractor developing radar systems and jammers for live field tests with operational DoD assets. Naomi holds a distinguished track record of ensuring cybersecurity and operational safety across the medical and defense sectors.
Hans-Martin von stockhausen
Siemens Healthineers
Dr. Hans-Martin von Stockhausen holds a position as Principal Key Expert for Cybersecurity at Siemens Healthineers. In this position he leads the company in developing security requirements for all products gathered from international regulations and customers around the globe with a focus on supporting the operational risk management on the operator’s side. Inside the Siemens security community, he leads a team that that works on improving and maintaining the security posture of products and security related customer communication. He has extensive domain knowledge from 20+ years of work experience in the medical device industry holding various positions throughout the product lifecycle from SW developer to SW platform architect to product manager.
For 10+ years, his focus has been on cyber security while holding a position as product security officer for medical IT systems and image acquisition devices. Hans-Martin participates in expert workshops and talks at conferences held by European and internationally recognized organizations. Furthermore, he is a member of the board of directors of Health-ISAC.
jessica wilkerson
Jessica Wilkerson is a Senior Cyber Policy Advisor and the Medical Device Cybersecurity Team Lead within the Division of Medical Device Cybersecurity (DMDC), housed within the Office of Readiness and Response (ORR) in the Office of Strategic Partnerships and Technology Innovation (OST) in FDA CDRH. As part of DMDC, she examines issues and develops policy related to medical device cybersecurity.
She received a B.A. in Policy Studies and minors in Computer Science and Mathematics from Syracuse University, and a J.D. from the Catholic University of America’s Columbus School of Law.
Co-Chair
AXEL Wirth
Medcrypt Inc.
Axel Wirth is a seasoned professional with a passion for medical device cybersecurity. He has been involved in the medical device industry for more than 40 years. Over the past 15 years, he has developed a deep understanding of the unique cybersecurity challenges posed by these devices. Axel has a proven track record of developing and implementing effective security solutions that ensure the confidentiality, integrity, and availability of medical devices and the sensitive data they manage. He is known for his exceptional problem-solving skills, technical knowledge, and excellent communication and leadership abilities.
As Chief Security Strategist, Axel Wirth provides strategic vision and industry leadership to Medcrypt and its customers. In this role he helps guide the company in critical security strategy decisions and supports the adoption of security technologies to the healthcare industry. He is committed to advancing the field of medical device cybersecurity and ensuring that patient receive the best possible care – safely and effectively.
He is an active participant in industry and standards organizations, serves on boards and committees, and is a frequent speaker on subjects such as healthcare cybersecurity and privacy, medical device security, regulatory
compliance, and related healthcare-specific topics.
As adjunct professor, Wirth teaches a Medical Device Cybersecurity course at the University of Connecticut clinical engineering graduate program as well as is the co-editor / co-author of two books on the topic. Further, he guides healthcare-focused cybersecurity startup companies as an advisory board member.
In recognition of his accomplishments, he has been awarded the “2018 ACCE/HIMSS Excellence in Clinical Engineering & IT Synergies Award” and the “ACCE 2019 Clinical Engineering Advocacy Award” as well as has been recognized as a Fellow by AAMI (Association for the Advancement of Medical Instrumentation) and HIMSS (Healthcare Information and Management Systems Society).
His extensive background in the healthcare IT and medical device industries includes engineering leadership as well as business development and marketing roles with Siemens, Analogic, Mitra, Agfa, and Symantec. His education includes a BS in Electrical Engineering (BSEE) from the University of Applied Sciences, Düsseldorf (Germany) and an MS in Engineering Management (MSEM) from The Gordon Institute of Tufts University.