![2[38]](https://www.secure-medicine.org/hs-fs/hubfs/2%5B38%5D.png?width=1500&height=500&name=2%5B38%5D.png)
"Archimedes and the State of Medical Device Security"
Dr. Kevin Fu
Former Acting Director, US FDA CDRH Medical Device Security
Kevin Fu is credited for establishing the field of medical device security beginning with the 2008 IEEE paper on defibrillator security.
Kevin is a former MIT Technology Review TR35 Innovator of the Year and Fellow of the AAAS, ACM, and IEEE. He has testified in the House and Senate on matters of information and medical device securityand has written commissioned work on trustworthy medical device software for the Institute of Medicine of the National Academies. He was a member of NIST Information Security and Privacy Advisory Board, the CRA Computing Community Consortium Council, and the ACM Committee on Computers and Public Policy. He received the Dr. Dwight E. Harken Memorial Lecturer Award from the Association for the Advancement of Medical Instrumentation (AAMI) for his leadership on medical device security standardization.
Christian dameff
Medical Director of Cybersecurity at the University of California San Diego
Dr. Dameff is also a hacker and security researcher interested in the intersection of healthcare, patient safety, and cybersecurity. He has spoken at some of the world’s most prominent hacker forums including DEFCON, RSA, Blackhat, Derbycon, BSides: Las Vegas, and is one of the cofounders of the CyberMed Summit, a novel multidisciplinary conference with emphasis on medical device and infrastructure cybersecurity. Published cybersecurity topics include hacking 911 systems, HL7 messaging vulnerabilities, and malware.
"Update of FDA Regulations"
Suzanne Schwartz
US FDA
Suzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH). Suzanne’s work in medical device cybersecurity includes raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020. She chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy and has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives. Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health & Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.
"Navigating Global Regulatory Expectations for Medical Device Security"
Michelle Jump
MedSec
Michelle Jump is the CEO at MedSec where she is responsible for providing strategic leadership, training and education to the medical device industry, and thought leadership in the area of medical device cybersecurity practices and processes. She also participates in a variety of domestic and international standards, as well as relevant industry and government initiatives to support security within the healthcare industry.
Michelle is a veteran of our Medical Device security industry being instrumentally involved with seminal industry consensus standards like AAMI TIR 57, AAMI TIR 97, IMDRF, ISO 80001-2-2, ISO 81001-1, ISO 62304, and the Medical Device CVSS Rubric. She regularly communicates with global regulatory bodies, including the US FDA, on the topic of medical device security by co-presenting, assisting with submissions, and helping shape guidance and implementation of this topic at these agencies.
Adam Shostack
Adam is a leading expert on threat modeling, and a consultant, expert witness, author and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft.
His accomplishments include:
- Helped create the CVE. Now an Emeritus member of the Advisory Board.
- Fixed Autorun for hundreds of millions of systems
- Led the design and delivery of the Microsoft SDL Threat Modeling Tool (v3)
- Created the Elevation of Privilege threat modeling game
- Wrote Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars
- Co-authored The New School of Information Security
Beyond consulting and training, Shostack serves as a member of the Blackhat Review Board, an advisor to a variety of companies and academic institutions, and as an Affiliate Professor at the Paul G. Allen School of Computer Science and Engineering at the University of Washington.