- (nothing scheduled now)
- August 27, 2019: Make Sure You Know How to Swim (Hack) Before You Dive into the Medical Device Cybersecurity Sea presented at Bay Area MedTech – Medical Technologies Group in San Francisco.
- Building a device that will connect to the Internet without addressing cybersecurity is like swimming in the deep end without ever having taken swimming lessons.
- “Somebody Else’s Problem”, an effectively-magical field that obscures things you think aren’t relevant to you, such that even though you see them (or hear them or read them) you don’t actually *notice*, and quickly forget. (Douglas Adams)
- The FDA is “not aware” of any instances where a patient has been harmed due to a cybersecurity incident.
- “To work in this field, you have to become devious yourself. You have to think like a malicious attacker to find weaknesses in your own work…” (Ferguson, Schneier, & Kohno, 2010)
- NETWORK-CONNECTED MEDICAL DEVICE ECOSYSTEM
- Include Security in the Design Stage
- “Minimum Viable Product”
☛ a network-connected product is not viable if it is not secure
- “Minimum Viable Product”
- “Hippocratic Oath for Connected Medical Devices”
- Defcon27 – Las Vegas, NV – Aug 8-11, 2019 – Biohacking Village
- The Future: Remote Monitoring
- On December 11, 2018, David led the INTERACTIVE WORKSHOP: Cybersecurity For Medical Devices Is A “Team Sport” at the Connected Devices: Cybersecurity & Compliance Summit in San Francisco at the Kabuki Hotel. See http://connected-devices-summit.com. This interactive workshop focused on how device developers can collaborate with hospitals and clinics. This interactive session was conducted by a team with diverse backgrounds, including a hospital CIO, a clinical engineer, a hospital information security officer, and two neutral cybersecurity consultants to facilitate and moderate.
- Key points:
- medical device manufacturers need to work with healthcare delivery organizations as partners
- medical devices can be not only targets of attacks, but entry points for attacks on the network
- the network-connected medical device ecosystem includes more than 20 entities inside and outside of healthcare delivery organizations
- recognize that when these entities start to work together as groups, they go through the forming, storming, norming, and performing stages
- defending network-connected medical devices requires thinking like an attacker
- train health care providers to recognize device behavior that could indicate compromise
- monitor network traffic to detect anomalous behaviors
- include cybersecurity in pre-procurement screening
- practice incident response to be ready in case something happens
- Key points:
- The Silicon Valley Chinese Technology & Business Association organized its 2018 Tech Smart City Conference: AI, Data Science, Blockchain, Smart Manufacturing, May 11, 2018 at the San Jose City Hall and I was on the Blockchain Use Cases For Smart City Security panel. See http://www.smartcityconference2018.com.
- Attended 44th Annual Asilomar Microcomputer Workshop, April 25-27, 2018 and gave a presentation on Network-Connected Medical Devices: What Could Possibly Go Wrong? It is a great group with an eclectic range of interests. See http://www.amw.org.
- Moderated the Security for Network-Connected Medical Devices panel as part of the Symposium on Securing The Internet of Things (http://securingthenet.com) on March 7, 2018 in Burlingame, CA.
- Network-Connected Medical Devices: What Could Possibly Go Wrong? was very well received by a standing room only audience at Triple Ring Technologies’ MedTech Frontiers event on March 1, 2018 in Newark, CA. See http://www.tripleringtech.com/category/medtechfrontiers/
- Blockchain and IoT presented at the Silicon Valley Insurance Accelerator Blockchain Bootcamp in Palo Alto on December 6, 2017. See http://sviaccelerator.com/insurtech-bootcamp-block-chain-01/
- Blockchain and IoT webinar at the free online Global IoT DevFest Virtual Conference on November 8, 2017. See http://globaliotfest.withthebest.com
[link to video]
- Blockchain and its applications in IoT – plenary session talk at the 38th IEEE Sarnoff Symposium at the New Jersey Institute of Technology on September 18, 2017. See https://ewh.ieee.org/conf/sarnoff/2017/. To request slides, please use Contact Form on this web site.
- Blockchain and the Internet of Things: Professional and Technical Consultants Association – June 13, 2017 – a presentation explaining how Blockchain technology works and how it is being adopted for a variety of IoT use cases. See https://patca.org/meetup/patca-evening-networking-discussion-meeting-30/
- What You Need to Know About Blockchain for the Internet of Things: Consultants Network of Silicon Valley IEEE Chapter – January 10, 2017 – with Dr. Ryan Orr and Maurizio Greco of Chronicled, Inc. and Zaki Manian of Skuchain – Details at https://californiaconsultants.org/event/what-you-need-to-know-about-blockchain-for-the-internet-of-things/ – Presentations available for download.
- Webinar for Project Management World: “Project Management for Blockchain”, June 8, 2017 – Tim Christensen of Data Chain Solutions, formerly CEO, blockchain software development company, HyperFlow Software, and Timothy Ruff, CEO of Evernym were panelists.
The webinar provided both an overview of blockchain technology and a deeper dive on some applications, including perspectives on managing blockchain projects. Webcast recording at WEBCAST
- “Workshop on Blockchain” session moderated at at Open Innovation Club at PRIME and French Tech Hub office, November 2, 2016.
- BLOCKCHAIN SYMPOSIUM– IT’S NOT JUST ABOUT BITCOIN AND FINANCE: Opportunities for the Internet of Things, Healthcare, and More – June 9, 2016 – Redwood City CA (conceived and produced half-day meeting with 10 panelists and more than 70 attendees) See http://events.42tek.com – Presentations available for download. Resources list periodically updated.
- “Moving the Internet of Things & Machine-to-Machine Communication into the Home & Hospital” session moderated at Wireless Medical Devices Conference – December 4, 2014 – McEnery Convention Center, San Jose CA – http://tinyurl.com/42WirelessMed
- “Mobile and Remote Monitoring for Disease Management session moderated at “Northern California Chapter of HIMSS Healthcare Technology Innovation Showcase – March 31, 2015 – San Jose, CA http://tinyurl.com/NorcalHIMSS31March
- “Technology Innovations & Physician Entrepreneurs Panel” session moderated at Northern California HIMSS Innovation & Technology Summit – January 16, 2014 – Citrix, 4988 Great America Pkwy, Santa Clara, CA. Click here for details.
- “Using Smartphones to Increase Security” session moderated at Amphion Forum – December 12-13, 2013 – Grand Hyatt San Francisco 345 Stockton St., San Francisco, CA
- “An Inside Look at Interoperability in the Hospital Ecosystem: Hospital IT, Infrastructure Provider, and Wireless Utility Perspectives Unveiled” session moderated at Wireless Medical Devices West – December 3-5, 2013 – McEnery Convention Center, San Jose http://tinyurl.com/WirelessMEDWest Click here for presentation, including document references.
- Global Mobile Internet Conference Mobile Health Track – October 23, 2013, Moscone Center, San Francisco, CA (conceived and produced full-day session comprised of four panels with 17 panelists and over 170 attendees)
Other Presentations and Publications:
- Article regarding Authentication and ID Management in the November 2013 HIMSS Business Edge newsletter.
- “What Do The Numbers Mean” – presented at Healthcare Unbound – July 12, 2013 – University of Colorado, Denver CO
- “Healthcare Information Technology & Poverty” – presented at Social Innovation Leadership Forum – April 5, 2013, Santa Clara County Office, San Jose, CA
Organizer of the SVForum Healthcare IT Special Interest Group Series (2011 – 2014):
- Sensors, Wearables, and Interoperability – September 17, 2014 References and slides at http://www.meetup.com/SVForum-HealthcareITSIG/events/202924462/
- Avoiding Medical Device Security Failures – May 13, 2014 http://www.meetup.com/SVForum-HealthcareITSIG/events/179959072/ (includes links to several references)
- How Startups Can Demonstrate Value in “Evidence-Based-Medicine” – April 8, 2014 See references at http://www.meetup.com/SVForum-HealthcareITSIG/events/172373932/
- Where is Healthcare Info Tech Headed Relative to Your Business? – January 14, 2014 Slides are at http://www.meetup.com/SVForum-HealthcareITSIG/files/
- Hospital and Physician Office Work Flows Relative to Healthcare IT – November 12, 2013
- Healthcare Technology for the Aging Population – September 10, 2013
- Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules – July 9, 2013
- How to Meet Healthcare IT Staffing Needs – May 14, 2013
- Mobile Health (with Mobile Internet SIG) – April 4, 2013
- Moving from Volume-Based Care to Value-Based Care – March 12, 2013
- Emergency Medicine Information Management – February 2013
- Remote Monitoring and the Patient-Centered Medical Home – November 2012
- Social and Mobile Innovations in Health – September 2012
- Insights on Investing in Healthcare Technology – July 2012
- Medical User Interfaces – March 2012
- Connected Health Safety – Jan 2012
- Mobile Health – Aug 2011