New Event Series Focuses on Securing Medical Devices

Healthcare & Med Device Cyber Security Series

A new series of events from the producers of the annual Cyber Security Summit looks at ways to make healthcare and medical devices more secure

Minnesota-based medical device makers and healthcare providers are among the leaders in security and patient privacy. For that reason, the annual Cyber Security Summit is launching the new "Healthcare & Med Device Cyber Security Series" in the Twin Cities on April 26.

Three events are scheduled for 2018 on April 26, July 26 and Oct. 22. Each session in the series is designed to leverage what has been learned by industry leaders to help all healthcare companies combat today's security challenges. The events will explore best practices and highlight ways device makers and healthcare providers can work together to provide innovative technologies that meet today's security challenges.

The first event is being hosted at Medtronic's Mounds View Campus on April 26 from 1-5 p.m. followed by a networking reception. Due to security considerations, registration will close on April 19.

A single session is $225, two sessions are $400 or attendees can get all three for $575. 

Registration is available now at


Post-Market Management of Fielded Medical Devices

Thursday, April 26, 2018, 1-6 p.m. (Registration closes April 19)

1–1:15 p.m. – Welcome and Introduction

1:15–2:15 p.m. – Panel: Leveraging a “Bill of Materials” to Improve Patient Safety Today

What is a “software bill of materials,” how is it generated, how is it best communicated and could it help improve patient safety?

Moderator: Ken Hoyme, Director, Product and Engineering Systems Security, Boston Scientific

Panelists: Scott Hanson, Product Security Program Manager, Medtronic; Sarah Jopp, Senior Security Analyst, Mayo Clinic; Jennifer Reicherts, Information Security Analyst, Fairview Health Services

2:15–3 p.m. – How Can Automation Help?

What tools are available to support monitoring 3rd party software for new reported vulnerabilities?

Speaker: Jim Jacobson, Chief Product and Solution Security Officer, Siemens

3–4:15 p.m. – Panel: What Are the Options for Keeping Bad Code From Getting a Foothold on the Device?

What is the best approach to device hardening and how do you ensure that only the appropriate code is executed?

Panelists: Todd Carpenter, Chief Engineer – Systems and Architecture, Adventium Labs; Jim Sievert, Principal Software Engineer, Boston Scientific; Ryan Wick, Cyber Risk Services, Deloitte

4:15–5 p.m. – Shoring up the Patch Management Process

How can we get to a place where end users can apply 3rd party patches directly?

Speaker: Keith Whitby, Healthcare Technology Management (HTM) Section Head, Mayo Clinic

5–6 p.m. – Networking Reception

Healthcare System Management of Medical Devices

Thursday, July 26, 2018, 1-6 p.m.

Topics include:

  • How to work with vendors to best design a secure medical device network
  • How to get a seat at the procurement table to ensure secure devices are purchased
  • How security properties get integrated with your inventory management systems
  • Device discovery techniques – what do you have, what does it contain, and where is it?

“Table Stakes” in the Development and Deployment of Secure Medical Devices

Monday, Oct. 22, 2018, 1-6 p.m.

Hosted at the Minneapolis Convention Center as a pre-event workshop before Cyber Security Summit 2018

Topics include:

  • Basic threat modeling and risk assessment
  • Cyber-hygiene – how do you harden a medical device?
  • What are the basic requirements for security testing and how best to get that done?
  • Procurement interactions between hospital and manufacturer – what to expect?
  • Patching best practices

Source: Cyber Security Summit