Medical Device Security (Part 2 of 3): Building an ROI-Based Business Case

September 16, 12:00pm, CDT - 1:00pm, CDT



Presentation Overview

The presentation will address the stakeholders involved in building a business case, determining level of efforts, and understanding what medical device security products offer to support the Medical Device Security Management Program.


Matt Dimino, Medical Device Security Consultant

Matt Dimino is an advocate to help our nation’s healthcare and public health sector recognize and prepare for tomorrow's cyber threat landscape. Mr. Dimino, HCISPP, is a medical device security consultant for CynergisTek, a top-ranked cybersecurity firm. Matt's prolific 13-year career involves roles such as clinical engineer, professor, and researcher and consultant for a non-profit public health and safety organization. Mr. Dimino holds a bachelor’s degree in clinical engineering and an MBA in healthcare and has earned numerous IT security industry certifications. Motivated by work that makes a difference, Mr. Dimino is proud to continue research and extend his expertise in the domains of education, medical device cyber threat mitigation and the implementation of prevention strategies.

Carrie Whysall, Director Managed Security Services

Carrie Whysall is the Director of Managed Security Services for CynergisTek. She is responsible for Vendor Security Management (VSM), Managed Security Service (MSS) and Medical Device Security. A healthcare veteran with over 20 years of experience in IT leadership, 12 of which have been specifically in security. Prior to joining CynergisTek, Carrie served as Senior Director of Security for Ascension Information Services, During her time there, she was part of the leadership team that implemented Ascension’s Security Operations Center (SOC) as well as the company’s eForensics, Security Training & Awareness, Medical Device Management, and Incident Response programs. Carrie was also responsible for the Access & Identity Management program which provided identity and access services for over 200,000 users across the Ascension system.

Presentation Agenda

  • Who are the stakeholders?
  • Identify and evaluate products
  • Cost Analysis
    • Data collection and evaluation (tool based and manual)
    • Overcoming data obstacles
  • Use cases
  • Wrap-up / QA