Agenda

Real-World Lessons From a 15-Year Security Transformation

After the med device industry was publicly exposed at a hacker conference, global medical device manufacturer Medtronic turned a moment of vulnerability into a launchpad for sweeping change. Overcoming Cyber-Defensiveness gives a raw and honest look at what it means to evolve. Hear how hackers sparked the strategic partnerships, cultural change, and long-term commitment that built an enterprise-grade security program from the inside out.
Nancy Brainerd, Medtronic

Tackle IoMT Security, Patching, and Device Diversity Challenges

Healthcare’s digital core is growing fast—as is the risk. In Future-Proofing Healthcare, experts explore how to remediate health systems vulnerabilities when patching is not feasible. By deploying risk-based remediation, healthcare can shift from reactive to resilient through context-aware risk modeling. Walk away with scalable strategies to secure even the most fragmented device ecosystems.
Christoper Warren, Asimily; Yan Kravchenko, Hennepin Healthcare

Navigate Risk Across the Healthcare Ecosystem

Today’s healthcare organizations manage a vast ecosystem of Internet of Medical Things (IoMT) devices that span everything from outpatient clinics to high-stakes surgical suites. Addressing Risk in Medical Technologies explores how to vet, integrate, and govern this growing footprint across diverse care environments while balancing innovation and legacy systems. It’s a session built for those who wrestle with complexity and are ready for clarity.
Michael DePorter, Optum

Confronting the AI Frontier in Healthcare

Large Language Models (LLMs) are revolutionizing everything from documentation to clinical decision-making—but they’re not without risk. If you’re curious or cautious about how these models fit into healthcare, Large Language Models in Healthcare: Balancing Innovation, Privacy, and Security Risks delivers a sobering yet empowering look at governance frameworks, model poisoning, and data protection. The AI genie is out of the bottle—this session helps you wield it wisely.
Dr. Vitaly Herasevich, Mayo Clinic

AM Keynote — Shawn Riley: Super Glue Strength and Special Powers: The Magic of a Multi-Government Defense

Escalating cyber threats, shrinking budgets, and rising expectations for secure digital services make isolated defense a losing strategy. This conversation explores the urgent need for governments at all levels—state, local, tribal, territorial, and educational—to come together through shared cybersecurity resources, infrastructure, and intelligence. This presentation will highlight the strategic value, cost-efficiency, and resilience that comes with collaboration.

Global Compliance Journey: Pitfalls and Successes 

Navigating global compliance requirements is a journey that requires some planning. Solventum shares a story that includes some of the pitfalls along their path as they worked hard to map out and meet the needs for more than one master. Hear how they successfully found a way to optimize controls and fit frameworks while simultaneously aligning customer needs and minimizing negative operational impacts.
Amy Brown, Solventum

From Dojo to Defense Desk: Cybersecurity as a Discipline

Your charge: create a core security culture. But how? Blue Team Budo draws parallels between martial arts and early-career cybersecurity training. Whether you’re new to InfoSec or mentoring the next wave, this energetic talk dives into skill-building, judgment development, and purposeful leadership. This inspirational “train smarter” blueprint is equal parts philosophy and practicality for the win.
Abraham Judisch, Hennepin Healthcare

What is a Red Team, Anyway?

Red team operations aren’t about flashy hacks or checking a box, they’re a strategic asset and can be crucial to securing your enterprise – but only if the timing is right! This session will unpack real-world case studies to explain how red teams can reveal blind spots—if the organization is ready for them. You’ll walk away ready to build or refine your offensive security program.
David Dobrotka, 3M

Make Segmentation and Compliance Actionable

This technical talk addresses the nuts and bolts of security execution. Healthcare Network Segmentation for a Safer Tomorrow brings tactical clarity to two big challenges. First, how to  address sprawling hospital networks without creating chaos.  Second, how to build a unified framework across a global organization. You’ll leave with concepts you can bring back to your team and drop in your playbooks.
Tim Walsh, Mayo Clinic

Innovating Safely in a World of Embedded Devices

The closing panel, Smart Security: Protecting Embedded Medical Devices talks to challenge of securing devices that are often invisible yet mission critical. Expect discussion on lightweight encryption, secure boot, and lifecycle resilience—tools that form the future-proof foundation of trustworthy care.
Facilitator: Phil Englert, Health-ISAC;  Panelists: Kyle Erickson. Solventum; John Kelcher, Medtronic; Shayana Vasichek, Abbott; Odutola “Tola” Amusan, Mayo Clinic

PM Keynote: Winning While Fearlessly Forward — Tim Crothers

The pace of cybersecurity change is relentless, with acceleration due in large part to the explosion of generative AI. For those working to secure systems and protect people, it can be overwhelming. Some are fighting furiously against the storm, others are fleeing the industry, and a few have just stopped still in time, having succumbed to the change storm’s mind-numbing freeze.