
Healthcare
Healthcare has become a primary threat vector in recent years. Despite the high level of regulation, recent efforts have made minimal impact on security. These sessions contain vital information relevant specifically to the Healthcare industry's security technology, it's regulations, standards and it's hope for the future.
Healthcare

Joey Johnson
CISO, Premise Health
Johnson, CISO of Premise Health, Brentwood, Tenn., has more than 15 years of cybersecurity experience. Premise Health was formed as a result of the merger of Take Care Employer Solutions - a former subsidiary of Walgreen Co. - and CHS Health Services. Johnson formerly served as chief security officer for the U.S. Department of Commerce - Office of Computer Services, and held various security and network architecture roles leading the design and implementation of complex enterprise networks for airports, hospitals, universities and federal agencies.

Mitch Parker
CISO, Indiana University Health System
Parker is CISO at University of Indiana Health, based in Indianapolis. He formerly served as CISO at the four-hospital Temple University Health System as well as CISO for Temple's clinical faculty practice plan, Temple University Physicians. Previously, he was an information security consultant to the Defense Logistics Agency and others.

Chris Frenz
CISO, Interfaith Medical Center
Christopher Frenz currently serves as the AVP of Information Security for Interfaith Medical Center where he worked to develop the hospital's information security program and infrastructure. Under his leadership the hospital has been one of the first in the country to embrace a zero trust model for network security. Frenz has also played a role in pushing for the adoption of improved security standards within hospitals and is the author of the OWASP Secure Medical Device Deployment Standard as well as the OWASP Anti-Ransomware Guide.

Kierk Sanderlin
Head of Engineering, Check Point Software Technologies
Sanderlin is the Head of Engineering and a part of the Office of the CTO team at Check Point Software Technologies. He has been in the cyber field for over 20 years where he has held various roles related to design, implementation, evangelism and leadership. Kierk has a passion to educate the masses on current threats and develop the next generation of cyber defenders.

Anahi Santiago
CISO, Christiana Care Health System
As Christiana Care Health System's Chief Information Security Officer, Anahi Santiago is charged with providing strategic direction and oversight to a comprehensive security program, policy development, standards and controls implementation, training and awareness, regular risk assessment and mitigation, as well as partnerships with internal and external auditors. She also regularly collaborates with state and federal regulatory bodies and actively contributes to proposed state and federal regulations that govern privacy and information security. Before joining Christiana, Santiago provided similar support for the Albert Einstein Healthcare Network at a director level.

Sam Curry
Chief Security Officer, Cybereason
Sam Curry currently servers Chief Security Officer for Cybereason. Previously, he served as Chief Technology and Security Officer at Arbor Networks, where he was responsible for the development and implementation of Arbor's technology, security and innovation roadmap. Prior to that role, he spent more than seven years at RSA (the Security Division of EMC) in a variety of senior management positions, including Chief Strategy Officer and Chief Technologist and Senior Vice President of Product Management and Product Marketing. Curry has also held senior roles at Microstrategy, Computer Associates, and McAfee.

Sonia Arista
National Healthcare Practice Director, Fortinet
Sonia Arista joined Fortinet in May 2018 and is responsible for the go-to-market strategy, solutions and sales growth for the company's healthcare business. Based in Boston, she works closely with healthcare industry leaders to demonstrate the importance of a security fabric approach to enable scalable, protected, cost-effective access to high value patient data that addresses changing regulatory standards and industry identified threats. Prior to Fortinet, Arista was a Healthcare Strategy Principal at GuidePoint Security, serving as a subject matter expert to lead business development in healthcare. Most recently, she has been contracted to serve as an interim Chief Information Security Officer for several healthcare-related entities like Wellforce, Nuance Communications and Verscend Technologies, looking for program validation, incident response support and board-level education. Arista has also held CISO leadership positions for Tufts Medical Center, and the New England Quality Care Alliance where she was responsible for the development and management of their Information Security programs.

Chris Frenz
CISO, Interfaith Medical Center
Christopher Frenz currently serves as the AVP of Information Security for Interfaith Medical Center where he worked to develop the hospital's information security program and infrastructure. Under his leadership the hospital has been one of the first in the country to embrace a zero trust model for network security. Frenz has also played a role in pushing for the adoption of improved security standards within hospitals and is the author of the OWASP Secure Medical Device Deployment Standard as well as the OWASP Anti-Ransomware Guide.

Nicholas Heesters
Senior Advisor for Cybersecurity, HHS OCR
Nicholas Heesters is a certified information privacy professional with over 25 years of experience supporting technology and information security efforts in many diverse industries including financial services, government, defense, education and healthcare. He earned a Master of Engineering in Computer and Software Engineering from Widener University and his Juris Doctor from the Widener University School of Law. Currently, Heesters works for the U.S. Department of Health and Human Services Office for Civil Rights supporting HIPAA compliance and enforcement activities.

Cris Ewell
CISO, UW Medicine
Ewell, PhD, is CISO at University of Washington Medicine. Previously, he was CISO of Seattle Children's Hospital. Before that, he served as the director of information security operations at the University of Washington, chief security officer for PEMCO Corp. and chief technology officer for Breakwater Security.

Jigar Kadakia
CISO & CPO, Partners HealthCare
Kadakia has more than 17 years of information security experience across multiple industries, with a focus on health care delivery and projects such as HIPAA/HITECH assesments, Meaningful Use assessment, ICD-10 releted implementations, privacy program assessments and implementations, IT internal audit, and business associate risk management. Kadakia has spoken at many security and privacy forums/roundtables/conferences, and is a leader in the health care information security and privacy space. He has a Bachelor of Science degree in Chemical Engineering from the University of Cincinnati and a Master in Business Administration from Xavier University. He is CISSP, CIPP and HITRUST Certified. He is also certified in Risk and Information System Controls.

Jennings Aske
CISO, New York-Presbyterian
Aske is the CISO for New York-Presbyterian. Prior to this he was VP Information Security & Chief Security Officer of Nuance Communications as well as Chief Information Security and Privacy Officer of Partners HealthCare. Prior to Partners, Aske was the Chief Information Security Officer for UMass Memorial Hospital. Aske was also the Chief Information Security Officer for the Commonwealth of Massachusetts's Executive Office of Health and Human Services, responsible for coordinating information security across the 16 state agencies. Aske is a licensed attorney in the Commonwealth of Massachusetts.

Chris Frenz
CISO, Interfaith Medical Center
Christopher Frenz currently serves as the AVP of Information Security for Interfaith Medical Center where he worked to develop the hospital's information security program and infrastructure. Under his leadership the hospital has been one of the first in the country to embrace a zero trust model for network security. Frenz has also played a role in pushing for the adoption of improved security standards within hospitals and is the author of the OWASP Secure Medical Device Deployment Standard as well as the OWASP Anti-Ransomware Guide.

Michael McNeil
Global Security Officer, Philips
Michael McNeil is the Global Product Security & Services Officer for Royal Philips. McNeil leads global product security, ensuring consistent processes are deployed in the Healthcare market. McNeil was the former Global Chief Privacy & Security Officer at Medtronic; Chief IT Security Officer at Liberty Mutual Group; Global Chief Privacy Officer at Pitney Bowes, and Vice President, Chief Privacy Officer of Data Services for Reynolds & Reynolds. McNeil, provided expert testimony before Congress on Cybersecurity; and conducts training presentations worldwide. McNeil is a member of the Department of Health & Human Services Healthcare Cybersecurity Task Force; Chair of the MITA Cybersecurity Committee; Board member of National Health Information Sharing and Analysis Center.

Suzanne Schwartz, MD
Director, Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH)
Suzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH). Suzanne’s work in medical device cybersecurity includes raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020. She chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy and has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives. Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health & Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.

Cris Ewell
CISO, UW Medicine
Ewell, PhD, is CISO at University of Washington Medicine. Previously, he was CISO of Seattle Children's Hospital. Before that, he served as the director of information security operations at the University of Washington, chief security officer for PEMCO Corp. and chief technology officer for Breakwater Security.

Mitch Parker
CISO, Indiana University Health System
Parker is CISO at University of Indiana Health, based in Indianapolis. He formerly served as CISO at the four-hospital Temple University Health System as well as CISO for Temple's clinical faculty practice plan, Temple University Physicians. Previously, he was an information security consultant to the Defense Logistics Agency and others.

Chris Frenz
CISO, Interfaith Medical Center
Christopher Frenz currently serves as the AVP of Information Security for Interfaith Medical Center where he worked to develop the hospital's information security program and infrastructure. Under his leadership the hospital has been one of the first in the country to embrace a zero trust model for network security. Frenz has also played a role in pushing for the adoption of improved security standards within hospitals and is the author of the OWASP Secure Medical Device Deployment Standard as well as the OWASP Anti-Ransomware Guide.

Jigar Kadakia
CISO & CPO, Partners HealthCare
Kadakia has more than 17 years of information security experience across multiple industries, with a focus on health care delivery and projects such as HIPAA/HITECH assesments, Meaningful Use assessment, ICD-10 releted implementations, privacy program assessments and implementations, IT internal audit, and business associate risk management. Kadakia has spoken at many security and privacy forums/roundtables/conferences, and is a leader in the health care information security and privacy space. He has a Bachelor of Science degree in Chemical Engineering from the University of Cincinnati and a Master in Business Administration from Xavier University. He is CISSP, CIPP and HITRUST Certified. He is also certified in Risk and Information System Controls.

Michael McNeil
Global Security Officer, Philips
Michael McNeil is the Global Product Security & Services Officer for Royal Philips. McNeil leads global product security, ensuring consistent processes are deployed in the Healthcare market. McNeil was the former Global Chief Privacy & Security Officer at Medtronic; Chief IT Security Officer at Liberty Mutual Group; Global Chief Privacy Officer at Pitney Bowes, and Vice President, Chief Privacy Officer of Data Services for Reynolds & Reynolds. McNeil, provided expert testimony before Congress on Cybersecurity; and conducts training presentations worldwide. McNeil is a member of the Department of Health & Human Services Healthcare Cybersecurity Task Force; Chair of the MITA Cybersecurity Committee; Board member of National Health Information Sharing and Analysis Center.

Mark Bower
General Manager and CRO, Egress Technologies
Bower, who has two decades of experience at security companies in the U.S., Australia and the U.K., has expertise in data protection and information risk reduction. Before joining Egress, he headed product and business strategy for Voltage Security.

Prashanth Mekala
Supervisory Special Agent, FBI
Supervisory Special Agent (SSA) Prashanth Mekala has been a Special Agent with the FBI for approximately 15 years. He spent the first eight years of his career working on complex counterintelligence and espionage cases. From 2012 to 2014 he worked in FBI Headquarters as a Program Manager in the Counterintelligence Division - Economic Espionage Unit and the Cyber Division - Middle East/Africa Unit. For the past four years SSA Mekala has managed teams in the FBI New York Field Office focused on sophisticated nation state and criminal actors that leverage computer intrusions.

Mounil Patel
Field CTO, Mimecast
Mounil Patel has been part of the Mimecast team for over 9 years and currently holds the position of Field CTO. He has also held positions as Director of Sales Engineering, and VP of Strategic Field Engagement. Previously Patel was Global Practice Director managing pre-sales and services for EMC's Telco, Media and Entertainment division for archiving and backup products as well as Director of Data Restoration and e-Discovery services at Iron Mountain. Previously, he held CIO positions at Endeca Technologies and Phase Forward Incorporated.

Jennings Aske
CISO, New York-Presbyterian
Aske is the CISO for New York-Presbyterian. Prior to this he was VP Information Security & Chief Security Officer of Nuance Communications as well as Chief Information Security and Privacy Officer of Partners HealthCare. Prior to Partners, Aske was the Chief Information Security Officer for UMass Memorial Hospital. Aske was also the Chief Information Security Officer for the Commonwealth of Massachusetts's Executive Office of Health and Human Services, responsible for coordinating information security across the 16 state agencies. Aske is a licensed attorney in the Commonwealth of Massachusetts.

Mitch Parker
CISO, Indiana University Health System
Parker is CISO at University of Indiana Health, based in Indianapolis. He formerly served as CISO at the four-hospital Temple University Health System as well as CISO for Temple's clinical faculty practice plan, Temple University Physicians. Previously, he was an information security consultant to the Defense Logistics Agency and others.

Preston Duren
Director, Cybersecurity Operations, Fortified Health Security

Christopher Bontempo
VP Security Marketing, IBM Security
Chris Bontempo currently serves as Vice President of Security Marketing, Routes and Offerings for North America. He is responsible for demand generation and product marketing for IBM Security in the U.S. and Canada. Bontempo also focuses on route optimization and new offering launches for prospects, partners and IBM Digital. He joined IBM in 2005 and has led marketing teams in Market Intelligence, Cloud and IBM Security, which he joined in 2014.

Amanda Rogerson
Lead Healthcare Product Manager, Duo Security
Amanda Rogerson is part of the Product team at Duo, where she assists in establishing messaging needed to drive engagements regarding Duo Security's Trusted Access vision with a focus on the HealthCare Industry. She has more than two decades of experience working in tech, with the last five years being focused on access management and authentication. Through various roles in Product Marketing, Customer Success and Enterprise Sales, Rogerson has assisted companies of all sizes to understand how to successfully balance security with usability.
Session Contributors
Executive Director, Medical Device Innovation, Safety and Security Consortium
Read BioFormer Deputy Director of Health Information Privacy, Department of Health and Human Services' Office of Civil Rights
Read BioDirector, Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH)
Read BioExecutive Director for Cybersecurity Healthcare and Public Health Sector Coordinating Council
Read BioSecurity Awareness and Training Strategist, Wombat Security, a division of Proofpoint
Read BioFounder and Principal, Lewin and Associates LLC; Chairman, National Coalition on Health Care
Read BioPartner, Data Privacy and Cyber Security Practice Group, Lewis Brisbois Bisgaard & Smith; former Supervisory Special Agent, FBI - NY Cyber Division
Read BioVice President, Strategy & Corporate Development, Enterprise Business Unit, Synchronoss
Read BioSenior adviser to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA)
Read BioSVP & Chief Quality Officer and Associate Chief Medical Officer, Northwell Health
Read BioClient Executive - Security Services, Healthcare and Life Sciences, NTT DATA Services
Read Bio