Virtual Cybersecurity Summit: Healthcare 2021

Ed Gaudet

CEO and Founder, Censinet

Ed is the CEO and Founder of Censinet. With more than 30 years of software experience across various executive leadership, product, marketing and sales roles, Ed has spent the last 10 years helping healthcare providers modernize and automate their cyber risk and security infrastructure. Ed is a member of the HHS CISA 405d CyberSecurity Working Group and various Health Sector Coordinating Council task groups for Cybersecurity, Supply Chain Risk Management, Medical Technology Contracts Language, and Emerging Technology

View all sessions by Ed Gaudet

Vimala Devassy

Regulatory Attorney, Partner, BakerHostetler

With nearly 20 years of experience representing healthcare industry professionals and entities, Vimy Devassy provides her clients with an indepth understanding of industry compliance and regulatory issues. She has broad experience structuring complex transactions among healthcare providers, negotiating a broad spectrum of industry relevant contracts, and advising clients on day-to-day regulatory and compliance matters, including fraud and abuse laws and health information laws. Certified as a Health Care Information Security and Privacy Practitioner (HCISPP) as well as an Information Privacy Professional (CIPP) by the International Association of Privacy Professionals, Vimy has extensive experience managing issues related to confidentiality, privacy and security of health information, including compliance with the rubric of laws relating to health information privacy such as the Health Insurance Portability and Accountability Act (HIPAA). Her work includes helping clients understand how to align their privacy and information security programs in compliance with applicable laws, respond to potential breach and security incidents, permissibly utilize and share their health data, and navigate complex privacy and security laws as they consider innovative new technologies and business opportunities.

View all sessions by Vimala Devassy

Nicholas Heesters

Attorney, Senior advisor for Cybersecurity, HHS Office for Civil Rights

Nicholas Heesters is a certified information privacy professional with over 25 years of experience supporting technology and information security efforts in many diverse industries including financial services, government, defense, education and healthcare. He earned a Master of Engineering in Computer and Software Engineering from Widener University and his Juris Doctor from the Widener University School of Law. Currently, Heesters works for the U.S. Department of Health and Human Services Office for Civil Rights supporting HIPAA compliance and enforcement activities.

View all sessions by Nicholas Heesters

Mikki Smith

CISO, Director, Cybersecurity & Enterprise Architecture, HHS

Ms. Malikah “Mikki” Smith serves as the Chief Information Security Officer (CISO) and Director of the Cybersecurity and Enterprise Architecture Division (CEAD), within the Office of the Chief Operating Officer (OCOO) at HHS’s Office of the National Coordinator for Health IT. Mikki tenure of government service with ONC has included serving as the resident cybersecurity expert for HealthIT policy and governance, operational technology and cross organizational collaboration. Mikki joined the ONC organization in 2015, bringing a wide breadth of Cybersecurity experience from multiple Federal and private sector roles spanning 15+ years of IT, Cybersecurity and Security Program acumen. She is considered an industry leader and expert in the area of information system security policies and procedures, applications and network security architectures, DoD and Management & Budget (OMB) and Federal IA and Security requirements. She has authored articles, contributed to key legislative and congressional publications, and leads global cyber initiatives. Mikki Smith has served as a Cybersecurity leader for agencies such as the Defense Health Agency (DHA), Department of the Interior (DOI) and Federal Emergency Management Agency (FEMA). She has led large, complex, multi-disciplined and multi-geographical cybersecurity teams and programs within the private sector and government space. A Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP) and Certification and Accreditation Professional (CAP) she has been recognized and is continually awarded for her leadership and technical expertise

View all sessions by Mikki Smith

Stephen Dunkle

CISO, Geisinger Health

Dunkle is the enterprise Chief Information Security Officer at Geisinger, including the Geisinger Health Plan, Geisinger Commonwealth School of Medicine, and Keystone Health Information Exchange. Steve has over 35 years of experience in the information and physical security field. His professional tenure includes senior security leadership positions at Dow Corning Corporation, American Fidelity Assurance, Fleming/Core-Mark, Sallie Mae, Publix Super Markets, The Mosaic Company, and others. Steve specializes in information and cybersecurity program development and IT risk management. He holds a Bachelor of Science in Applied Management from Northwood University along with numerous certifications in information security, information system audit, and IT risk management.

View all sessions by Stephen Dunkle

Michael McNeil

SVP, Global CISO, Mckesson

Michael McNeil is the Global Product Security & Services Officer for Royal Philips. McNeil leads global product security, ensuring consistent processes are deployed in the Healthcare market. McNeil was the former Global Chief Privacy & Security Officer at Medtronic; Chief IT Security Officer at Liberty Mutual Group; Global Chief Privacy Officer at Pitney Bowes, and Vice President, Chief Privacy Officer of Data Services for Reynolds & Reynolds. McNeil, provided expert testimony before Congress on Cybersecurity; and conducts training presentations worldwide. McNeil is a member of the Department of Health & Human Services Healthcare Cybersecurity Task Force; Chair of the MITA Cybersecurity Committee; Board member of National Health Information Sharing and Analysis Center.

View all sessions by Michael McNeil

Gorka Sadowski

Former Gartner analyst and Chief Strategy Officer, Exabeam

Gorka is Chief Strategy Officer at Exabeam. In his role, he assists the executive team and functional leaders across the company with developing, communicating, executing and sustaining corporate strategic initiatives. Gorka has spent the last 30 years in security with experience spanning leadership roles across product management, sales, marketing and operations. Most recently, Gorka was senior director and security and risk management analyst at Gartner driving coverage for SIEM, SOC, and managed detection and response (MDR), while also leading research for IT leaders on emerging topics. Prior to Gartner, Gorka led business development at Splunk where he established and built the Splunk security ecosystem. Prior to Splunk, he established presence for LogLogic in Southern Europe, ran security activities for Unisys in France and launched the first partner-led intrusion detection and prevention system (IDPS) in the industry as lead for NetScreen’s Emerging Technology efforts. A certified CISSP, Gorka received a computer science degree from Universite de Pau in France before moving to the U.S. as a Ph.D. candidate in network security at the University of Miami.

View all sessions by Gorka Sadowski

Joshua Corman

CISA, Chief Strategist, Healthcare Sector

Joshua Corman is a Founder of I am The Cavalry (dot org), and serves as Chief Strategist for CISA regarding COVID, healthcare, and public safety. He previously served as CSO for PTC, Director of the Cyber Statecraft Initiative for the Atlantic Council, CTO for Sonatype, and other senior roles. He co-founded RuggedSoftware and IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. His unique approach to security in the context of human factors, adversary motivations, and social impact has helped position him as one of the most trusted names in security. He also serves as an Adjunct Faculty for Carnegie Mellon’s Heinz College, and was a member of the Congressional Task Force for Healthcare Industry Cybersecurity.

View all sessions by Joshua Corman

Jacki Monson

CISO, CTRO, & CPO, Sutter Health

Jacki Monson has extensive expertise in health care privacy and security law and compliance. For the past four years, she has been serving as the Vice President, Chief Privacy and Information Security Officer at Sutter Health in Sacramento, California where she administers and manages privacy and information security programs for Sutter Health and its affiliates. She provides advice and education to programs and constituents about HIPAA, HITECH and other information security and privacy laws and regulations

View all sessions by Jacki Monson

Sharat Chander

Director of Java Product Management, Oracle

Sharat Chander has worked in the IT industry for 20 years, for firms such as Bell Atlantic, Verizon, Sun Microsystems, and Oracle. His background and technical specialty is in Java development tools, graphics design, and product/community management. Chander has been actively involved in the Java Community for 15 years, helping drive greater Java awareness, acceptance, adoption, and advocacy. At Oracle, as the director of Java developer relations, Chander serves as the JavaOne conference content chairperson, a role he's filled for 7 years, where he drives the technical content strategy and Java community involvement in the conference. He is a frequent keynote speaker and participant in developer programs worldwide. Chander holds a BS in corporate finance from the University of Maryland and an MBA in international business from Loyola College, Maryland. You can find Chander at multiple global developer events and Java community engagements. When not growing visibility for Java, he follows his other passion for baseball and fanatically following his hometown Baltimore Orioles.

View all sessions by Sharat Chander

Cris Ewell

CSO and CPO, NRC Health

Ewell, PhD, is CISO at University of Washington Medicine. Previously, he was CISO of Seattle Children's Hospital. Before that, he served as the director of information security operations at the University of Washington, chief security officer for PEMCO Corp. and chief technology officer for Breakwater Security.

View all sessions by Cris Ewell

Meredith Harper

VP, CISO, Eli Lilly and Company

Harper joined Eli Lilly & Co. in August 2018 as deputy CISO and became vice president and CISO for the company's global information security program in April 2019. She is an active member of the Health Care Compliance Association and the International Association of Privacy Professionals and holds dual certifications in healthcare compliance and privacy. Meredith has 26 years of experience in her field.

View all sessions by Meredith Harper

Ed Jackowiak

President, CyGlass

Ed Jackowiak is globally responsible for all revenue generating activities at CyGlass. With over 25 years of experience in executive business development and sales roles, Ed has served in numerous sales leadership roles leading to successful exits. He has held senior sales leadership roles at Aurionpro Solutions, Vordel (acquired by Axway), Bridgestream (acquired by Oracle), Kavado (acquired by Protegrity), and Netegrity (acquired by Computer Associates). Ed holds a Bachelor of Science degree in Finance, Management, and Administration from Indiana University, Bloomington, IN.

View all sessions by Ed Jackowiak

David Finkelstein

Information Security Officer, St. Luke’s University Health Network

David B. Finkelstein was born in Philadelphia, Pennsylvania but grew up in Greentown, Pennsylvania until he was seventeen. He studied criminal justice at Temple University and went on to Widener University School of Law. A year after graduating law school in 2007 David decided to pursue his lifelong goal of entering the United States Army as an Officer. On September 11, 2009 David was commissioned a Second Lieutenant in the Signal Corp branch, responsible for maintaining all Army technology and communications. David spent the next five and half years on active duty responsible for the IT infrastructure and Information Security. David is now in the United States Army Reserves and is currently with the 365th Engineering Battalion. In his military career, David, has been accountable for over 6,000 Soldiers across many states, to include Alaska, Kansas, Colorado, Virginia, Missouri, New York and Pennsylvania. David has spent the last 14 years in Cyber Security and technology. He is passionate about making a difference and effecting change through security best practices that have an impact to any business. In 2014, with encouragement from friends, colleagues and family David decided to take on the biggest challenge of his career and go into healthcare. David has been with St. Luke’s since 2014 and is enjoying every aspect of his career and professional growth. Over the last 6.5 years David, has seen St. Luke’s go through many changes in the way they think about Information Security, Cyber protection, managing data and understanding its overall need in the organization. In his free time, David is an avid outdoorsman and family man. He enjoys spending time with his wife Nicole and his 4 children. He loves to hunt and fish and spend time outdoors with his family teaching them the value of nature and living off the land.

View all sessions by David Finkelstein

Amber Johanson

Vice President Sales Engineering, North America, Forcepoint

Amber Johanson is the Vice President for the Sales Engineering organization for Canada and the US. In this role, Ms. Johanson leads systems engineering – working with customers across all segments to improve their ability to protect and manage critical information. She brings comprehensive and long-term solutions to North America in cooperation with organizations, strategic integrators, and other leading Security and data management vendors. Ms. Johanson has served in a variety of roles during her 20+ years in the industry, including US private and public sector, Canada, Latin America, and Global. She is a proud veteran of the US Navy.

View all sessions by Amber Johanson

Mitch Parker

CISO, Indiana University Health System

Parker is CISO at University of Indiana Health, based in Indianapolis. He formerly served as CISO at the four-hospital Temple University Health System as well as CISO for Temple's clinical faculty practice plan, Temple University Physicians. Previously, he was an information security consultant to the Defense Logistics Agency and others.

View all sessions by Mitch Parker

Suzanne Schwartz, MD

Director, Office of Strategic Partnerships and Technology Innovation (OST), FDA’s Center for Devices & Radiological Health (CDRH)

Suzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH). Suzanne’s work in medical device cybersecurity includes raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020. She chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy and has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives. Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health & Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.

View all sessions by Suzanne Schwartz, MD

Rob Suárez

VP, CISO, Becton, Dickinson and Company

Rob Suárez is a cybersecurity and privacy professional in the medical device and healthcare IT industry. At BD, Rob serves as Chief Information Security Officer and oversees cybersecurity across the company’s enterprise, IT and manufacturing systems. Rob currently chairs the Cybersecurity Steering Committee for the Medical Device Innovation Consortium and the Cybersecurity Working Group for AdvaMed. He was also one of three leaders to co-chair the public-private Healthcare and Public Health Sector Coordinating Council (HSCC) Med Tech Cybersecurity Risk Management Task Group that issued the seminal Medical Device and Healthcare information Technology Joint Security Plan (JSP) in 2019.

View all sessions by Rob Suárez

Omar Khawaja

CISO, Highmark Health

Omar has been developing and managing security solutions for startups, service providers, consulting firms and enterprises. He is currently CISO at Highmark Health, an $18 billion integrated health care delivery and financing system, employing 40,000 and serving 50 million Americans. Prior to Highmark Health, he was at Verizon Enterprise Solutions, where he was responsible for a portfolio of security solutions with customers in 72 countries. Omar believes the right people are the greatest asset of any security program and relentless incrementalism is the ultimate weapon in combating cyber risk. He believes security programs should be business driven and technology ought to be subordinate to business outcomes and service improvements. To get the Why-What-How sequence right when selecting and executing initiatives, he developed the BOSITE framework. These days, Omar's passions lie in three areas: people, measurement and change management. Omar currently serves on the boards of: HITRUST, Leadership Pittsburgh, Action Housing and FAIR Institute; on the Governing Body of Evanta; on the CISO Workgroup of BCBSA; and adjunct faculty for the CISO program at Carnegie Mellon University. In addition, he serves as an advisor to half a dozen tech firms. Omar's certifications include: CISSP, CCSK, CCSP, CPHIMS, SAFE Agilist and FAIR Risk. He has a BS in Electrical Engineering from Georgia Tech and an MBA from Darden School of Business at the University of Virginia.

View all sessions by Omar Khawaja

Matthew Hickey

Director of Sales Engineering, Sophos

Matthew Hickey is a Director of Sales Engineering, at Sophos. He works in the trenches with Sophos technical experts and customers to determine how current threats, including ransomware and signatureless exploits, are causing businesses to rethink their security strategy. This expertise gives Hickey a “real-world” view of the threat landscape, and provides IT managers with direction for security deployment based on vulnerabilities, attack type and how employees work today – on the go with mobile devices, with remote access to the network on laptops, in the cloud, etc. Hickey got his start in the field of Information Security working for SIAC (Securities Industry Automation Corporation), at the time, a subsidiary of the New York and American Stock Exchanges. This experience, on one of the most demanding production networks, gave him unique insight in the challenges facing network operations staff. After working several years on Wall Street he continued honing his skills in this field at Lockheed Martin. There he worked on several projects for the Department of Defense. This work included conducting security audits, penetration testing and developed network security operational guides for very high profile, security conscious customers. Prior to Sophos, Hickey worked with the leaders in the security industry, including Dell-SonicWALL, Brocade and Fortinet, to help deploy network security solutions for customers in both the commercial and federal verticals. As a well-versed security veteran, Hickey is a frequent speaker at industry events for IT and channel partner audiences.

View all sessions by Matthew Hickey

Martin Littmann

CISO, Kelsey-Seybold Clinic

Martin Littmann is the Chief Information Security Officer for Kelsey-Seybold Clinic and is responsible for IT Architecture & Strategy, Infrastructure, Network and Information Security. Mr. Littmann holds a Bachelor of Science in Geology and began his career as a geothermal exploration geologist, later transitioning into information technology development and architecture roles. He has over 30 years of global business experience spanning healthcare, energy, manufacturing and consulting. He has served in roles across the IT spectrum including application development and delivery, infrastructure, information security, and customer service. Over the last 15 years he has been heavily focused on Critical Infrastructure and Information and Cyber Security. Littmann has served as the Healthcare Cross Sector Chief for the Houston InfraGard chapter as well as on numerous tech company customer advisory boards.

View all sessions by Martin Littmann

Anahi Santiago

CISO, Christiana Care Health System

As Christiana Care Health System's Chief Information Security Officer, Anahi Santiago is charged with providing strategic direction and oversight to a comprehensive security program, policy development, standards and controls implementation, training and awareness, regular risk assessment and mitigation, as well as partnerships with internal and external auditors. She also regularly collaborates with state and federal regulatory bodies and actively contributes to proposed state and federal regulations that govern privacy and information security. Before joining Christiana, Santiago provided similar support for the Albert Einstein Healthcare Network at a director level.

View all sessions by Anahi Santiago

Marty Momdjian

Healthcare Solutions Advisor, Sirius Healthcare

Marty Momdjian is a Healthcare Solutions Advisor at Sirius Healthcare. He is responsible Identity & Access Management integration with EHR (Epic), and is heavily involved with clinical applications and infrastructure. Momdjian has over 10 years of enterprise-level architecture experience, and 8 years of experience specializing in healthcare IT. At Sirius, he works with healthcare organizations to provide strategic direction and technology solutions that fit the needs of the business, clinicians and patients.

View all sessions by Marty Momdjian

Matthew Radcliffe

AVP, Healthcare, Sailpoint

Matthew Radcliffe, AVP - Healthcare, has spent the past 25 years supporting the design, development and deployment of security-based software and technology products and services. Matthew has extensive experience collaborating with healthcare provider and financial payment organizations in the establishment of identity and data governance strategies. Matthew received a Bachelor of Science in Engineering for the Massachusetts Maritime Academy

View all sessions by Matthew Radcliffe

Christopher Hertz

VP of Cloud Security Sales, Rapid7

Chris is the VP of Cloud Security Sales for Rapid7, where he combines his technical background and cloud technology expertise with his love of sales and marketing. Chris leads a team of solution architects, marketing, and sales professionals who partner with customers to deeply understand their goals and challenges, and provide the education, insights, and solutions they need to run cloud and container environments securely and compliantly.

Chris served as DivvyCloud's Chief Revenue Officer prior to Rapid7's 2020 acquisition. Prior to his leadership position at DivvyCloud, Chris was founder and CEO of New Signature, a systems integrator, and managed service provider. Under his leadership, New Signature helped hundreds of companies adopt and operate Microsoft Azure and Office 365, achieved 12 years of consecutive double-digit revenue growth, and won more than 120 awards, including being named twice as Microsoft's United States Partner of the Year

View all sessions by Christopher Hertz

Thomas Martin

Founder, NephōSec and Former CIO at GE

Thomas Martin is the founder of NephōSec, where he and his team help startups to Fortune 500 multinational companies - spanning industries as diverse as consumer retail, travel, and financial services - securely adopt cloud-based technologies. His team has pioneered automated remediation in thousands of cloud accounts under monitored management with individual resources in the millions.

As a prior CIO and technologist at the General Electric Company, he has led the migration of 9,000 legacy workloads to public and private cloud infrastructure. Since leaving GE in 2017, Thomas has dedicated his efforts to helping companies and technologists by sharing his in-depth expertise and insights related to enterprise cloud adoption, application migration, and the management of cloud technologies at scale.

View all sessions by Thomas Martin