Date: October 7, 2025
Time: 12 PM ET
Cybersecurity is now a defining factor in medical device business strategy. Hospitals and healthcare providers are scrutinizing device security and rejecting devices without sufficient protections, while regulators are making SBOMs and vulnerability management a must-have. At the same time, cyber incidents highlight the real operational, safety, and reputational risks associated with interconnected healthcare systems.
On October 7, 2025, at 12:00 PM ET, join Shane Fry, CTO of RunSafe Security, Patrick Garrity, Security Researcher at VulnCheck, and Phil Englert, VP of Medical Device Security at Health-ISAC for a discussion of the business implications of cybersecurity in medical devices grounded in real-world data and examples.
Key Takeaways:
- Observations from vulnerability intelligence, focusing on common technologies that underpin healthcare and medical devices, including trends in threat actor targeting and system exposure
- Discussion of the Black Basta ransomware attack on Ascension Health and vulnerabilities in MIRTH Connect, showing how cyber incidents impact operations, safety, and trust
- Survey findings showing how cybersecurity affects procurement and vendor selection, including why 46% of healthcare buyers have declined purchases due to cybersecurity concerns, and why 78% consider SBOMs essential in procurement
- Insights into regulatory drivers, including FDA premarket guidance, EU Cyber Resilience Act requirements, and hospital procurement processes, and how these influence both manufacturers and healthcare providers
- Strategies to move from compliance-focused approaches to resilience-driven cybersecurity practices that manage risk across devices, systems, and endpoints
Register now to secure your spot!
Meet the Speakers:
Shane Fry, CTO, RunSafe Security
Shane Fry is the Chief Technology Officer at RunSafe Security, Inc., with over a decade of cybersecurity experience on both offensive and defensive sides. He began his career conducting vulnerability assessments on platforms like Unix/Linux, Mac OS X, Android, and cloud systems. His research covers hardware and software security, focusing on secure boot, memory corruption, and web vulnerabilities. Shane consults on secure system design for private industry and government. Active in the Huntsville, AL startup scene, he co-taught a course on product investment frameworks and led a team to first place in an automotive hacking competition with Intel/McAfee, contributing to a public report on Automotive Security Best Practices.
Patrick Garrity, Security Researcher, VulnCheck
Patrick Garrity is a security researcher at VulnCheck where he focuses on vulnerabilities, vulnerability exploitation and threat actors. He is a seasoned cybersecurity professional with over 15 years of experience across solutions engineering, product and security research roles helping build and scale security startups including Duo Security, Censys, Blumira, Nucleus Security and VulnCheck.
Phil Englert, VP of Medical Device Security at Health-ISAC
Phil works with Medical Device Manufacturers (MDMs) to help improve privacy and security while coordinating with Health Delivery Organizations (HDOs) to ensure implementations are practical and achievable. Phil is a subject matter expert and contributor to Health-ISAC’s Medical Device Security Information Sharing Council (MDSISC). Phil is also active in the cyber security community and contributes to regulatory and standards efforts including HSCC, MITA, CISA, AAMI, MDIC, & MITRE. He has over 30 years of technical and operational leadership experience in healthcare and life sciences. Previous positions include Chief Product Officer at Medsec, Global Leader for Medical Device Technology at Deloitte, Vice President of Operations at MDISS, and National Director of Technology Operations at Catholic Health Initiatives.
