Past Events
Medical Device Security 101
The Center for Medical Device Cybersecurity is proud to host Medical Device Security 101. This full-day event, sponsored by MedCrypt and chaired by Boston Scientific's Global Director of Product Security, Dan Lyon, will feature a number of speakers who will be sharing their different perspectives on medical devices and healthcare security.
This event will be held on April 11, 2022 from 8 am-4 pm. Registration is now closed.
For a full list of speakers, the agenda and other important information visit the Medical Device Security 101 event page.
Medical Device Security 101 is a proud part of the Institute for Engineering in Medicine's (IEM) Innovation Week at the University of Minnesota. Visit the IEM Week web page to learn more about each event.
Lunch & Learn: Careers in Medical Device Cybersecurity | Technological Leadership Institute
Join us on June 3 for Careers in Medical Device Cybersecurity, a lunch and learn co-hosted by the University of Minnesota's Technological Leadership Institute (TLI) and Center for Medical Device Cybersecurity (CMDC).
The need for professionals who understand cybersecurity and its importance in the medical device industry is growing rapidly. Whether it involves identifying vulnerabilities, evaluating risk, or mitigating it through design, there is a growing shortage of individuals with the training necessary to work in this evolving and competitive field. Hear how three alumni from TLI's M.S. in Medical Device Innovation and M.S. in Security Technologies have used their training to advance their careers.
About the Panelists
Andrew Bomett is the Senior Manager of Product Security at Boston Scientific, focused on the safety and security of the company’s products, applications and supporting infrastructure. Before that, he was a principal security analyst in Mayo Clinic’s Clinical Information Security team. He has over 10-years’ experience in risk-driven healthcare security architecture, ranging from embedded systems to IT infrastructure, with a focus on medical device security. Andrew holds a bachelor’s degree in computer science from Southwest Minnesota State University and a master’s degree in security technologies (MSST) from the University of Minnesota. He is certified as both CISSP and GCFE.
Shruti Iyer is a Senior Software Reliability Engineer at Medtronic, specializing in medical device therapies managing advanced-stage heart failure. Shruti has an M.S. in Medical Device Innovation from the University of Minnesota-Twin Cities (2016). She is a medical device leader with a passion for empowering patients to manage their own health. Shruti is a subject matter expert in end-to-end medical device product development with 7+ years of experience. As a reliability engineering professional, she drives complex and timely risk management decisions in a highly regulated environment and solves product quality throughout the pre-market development cycle. Shruti champions Design for Reliability and Manufacturing best practices while designing statistical models to predict and grow product performance. She has facilitated in voice of the customer, as well as post-submission activities, including product launch and downstream marketing. Shruti is a team-oriented and strategy-focused leader with the ability to transform abstract and complex problems into tangible and simple solutions.
Judd Larson is a 2016 graduate from the M.S. in Medical Device Innovation program. He also earned a minor in Cybersecurity through the M.S. in Security Technologies program. His security career started at a major Minnesota healthcare delivery organization. He currently serves as a Senior Technologist in Medtronic’s Global Product Security Office. The day-to-day device security activities that Judd deals with in his role are vulnerability assessments, public vulnerability disclosures, global medical device security regulation implementation, and stakeholder education.
This Event Has Ended. Please Watch the Recording and Check Back for Future Events.
Center for Medical Device Cybersecurity Virtual Symposium
The Center for Medical Device Cybersecurity Symposium is part of IEM Innovation Week at the University's 2021 Design of Medical Devices Conference which will be held virtually in 2021. The Symposium is an opportunity to share prospectives, initiatives and updates from government, academia and industry on the latest trends and threats in medical device cybersecurity.
Morning presentations via zoom feature both University and industry experts in medical device Cybersecurity. The afternoon features a live "capture the flag" event hosted by Archimedes.
Organizers:
Greg Peterson, University of Minnesota
Ken Hoyme, Boston Scientific Corporation
Bill Aerts, Archimedes Center for Healthcare and Device Security
Symposium Presentations:
| 7:45 am | Welcome and Introduction Katey Pelican, Co-Director Strategic Partnerships and Research Collaborative (SPARC), University of Minnesota |
| 8:00 am | "H-ISAC's Impact on Cybersecurity Today" Errol Weiss, CSO, Health Information Sharing and Analysis Center (H-ISAC) |
| 8:25 am | "HSCC's Impact on Cybersecurity Today" Greg Garcia, Executive Director, Healthcare Sector Coordinating Council (HSCC) |
| 8:50 am | "MDIC's Impact on Cybersecurity Today" Jitesh Veetil, Program Director, Medical Device Innovation Consortium (MDIC) |
| 9:15 am | "U.S. FDA's Impact on Cybersecurity Today" Kevin Fu, Director Medical Device Security, U.S. Food and Drug Administration |
| 9:40 am | Break |
| 10:00 am | "Emerging Research Themes in High Assurance and Security" Sanjai Rayadurgam, Director, Software Engineering Center, University of Minnesota |
| 10:20 am | "Security Analysis and Hardening When You Only Have a Binary" Stephen McCamant, Associate Professor, Department of Computer Science & Engineering, University of Minnesota |
| 10:55 am | "Digital Biosecurity" Corey Hudson, Security Manager, Sandia National Laboratories |
| 11:20 am | "Medical Devices Security - Operational Practices and Business Impact" Kevin Wright, Information, Security Office, Optum |
| 11:50 pm | Introduction to the Capture the Flag Event Bill Aerts, Archimedes Center for Healthcare and Device Security |
| 12:00 pm | Break |
Archimedes Capture the Flag Event
Monday, April 12, 1:15 - 5:00 pm CDT (UTC -5)
What is a Capture The Flag (CTF)?
Individual or Teams of Hackers (you) work to defend a hospital under siege, racing against the clock. The immersive, "learn by doing" environment will challenge hackers to use their skills to anticipate, defend, and recover, as their adversary escalates their attacks throughout the game.
Be part of the live exercise on April 12 and get hands on experience working on medical device security challenges. Participants will download simulated device security "problems" to be discovered and solved. This event is for intermediate or advanced individuals or teams (limited to five individuals per team), this is not recommended for beginners.
Capture the Flag Leads from the Biohacking Village are Nina Alli and Šarka Pekarov