AdvaMed® Cybersecurity Summit

Erin Bissonnette brings over two decades of experience in the pharmaceutical and medical device industries, with the last 7 years dedicated to advancing product security in med devices. Most recently, Erin led a transformative initiative to remediate years of accumulated cyber debt in just 12 months. In the session “Strategizing for End of Support,” Erin will candidly share insights from that journey: expect real talk, hard-won lessons, and practical tips for anyone facing down technical debt in their own organization. 

Greg Garcia is the Executive Director of the Health Sector Coordinating Council Cybersecurity Working Group, the government-recognized critical infrastructure industry advisory council of more than 470 healthcare providers, pharmaceutical and medtech companies, payers and health IT entities partnering with government to identify and mitigate cyber threats to health data and research, systems, manufacturing and patient care.  

In 2006, Greg was appointed by President George W. Bush as the nation’s first Assistant Secretary for Cybersecurity and Communications with the U.S. Department of Homeland Security (since reorganized as the Deputy Director of the Cybersecurity and Infrastructure Security Agency). One of his signal achievements in this role was conceiving and initiating creation of the National Cyber and Communications Integration Center, the nation’s 24×7 public-private partnership for cybersecurity watch, warning, analysis and incident response.  

He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held senior executive positions with Bank of America, 3Com Corporation, Information Technology Association of America, and American Electronics Association, all with the responsibility of driving change in public policy and business operations to strengthen the security and resiliency of the nation’s critical infrastructures.  

Greg served as a professional staff member on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.  

Greg is a former member of the Information Security and Privacy Advisory Board, a government/industry committee advising the Secretaries of Commerce and Homeland Security, and the Director of OMB, on national information security and privacy policy.  

Greg is a 2024 recipient of the Malcolm Baldrige Foundation Award for Leadership Excellence in Cybersecurity. 

Randy Horton is Chief Solutions Officer at Orthogonal, a software developer for Software as a Medical Device (SaMD), digital therapeutics (DTx) and connected medical device systems. Randy (and Orthogonal’s) mission is to improve patient outcomes faster by accelerating the development of of SaMD by fusing the best of modern product development and software engineering practices with deep MedTech expertise in device compliance, safety and effectivness. 

Horton co-chairs for AAMI Software Management Working Group #10 and the associated Technical Inforamtion Report #115 committe working on guidance for the Appropriate Use of Public Cloud Computing in Support of Medical Device Functions.  

Much of Randy’s career has been centered on working with healthcare and life sciences organizations from a digital transformation angle to tackle the problems summarized in The Quadruple Aim: Improving the individual experience of care, improving the health of populations, reducing the per capita costs of care, and improving the work life of those who deliver care. 

Horton regularly speaks on SaMD and related topics at a variety of industry conferences and webinars including ones hosted by RAPS,AdvaMed®, AAMI, KENx, HLTH/VIVE, the Healthcare Products Collaborative (f.k.a. Xavier Health) as well as numerous for-profit conferences.  Horton has also guest lectured at Yale, Northwestern, the University of Michigan, University of Chicago and University of California – San Francisco/Berkeley. 

An undergraduate of the University of Michigan who was then in the first graduating class from Michigan’s School of Information, Randy credits much of his passion for creative thinking and being a connector of people and ideas to his years as a Montessori preschool student. 

Samantha Jacques, PhD, FACHE, AAMIF, FACCE is the Vice President of Clinical Engineering at McLaren Health. She manages medical technology throughout the McLaren system including 13 hospitals, ambulatory surgery centers, imaging centers, and Michigan’s largest network of cancer centers. Prior to McLaren, she was Director of Clinical Engineering at Penn State Health and Texas Children’s Hospital.  She is also Vice Chair of the Health Sector Coordinating Council – Cybersecurity where she advises the US Government on behalf of the health sector. She has previously sat on the Boards of healthcare associations including AAMI and ACCE. She has also published a book titled “Introduction to Clinical Engineering” and adjunct teaches in the field of cybersecurity.

She has a BS in Biomedical Engineering from Milwaukee School of Engineering and a PhD in Biomedical Engineering from Louisiana Tech University. 

Michelle Jump is the CEO at MedSec, where she is responsible for providing strategic leadership, training and advisory services to the medical device industry in the area of cybersecurity compliance, global regulations, standards, product security program development, and security risk management. Ms. Jump has a passion for bringing technology-based solutions to healthcare, actively participating in a variety of domestic and international standards, as well as relevant industry and governmental initiatives to support security within the healthcare industry. Ms. Jump holds a Master of Science in Regulatory Science from the University of Southern California and a Master of Science in Biotechnology from California State University. She is also RAC certified and a Certified HIPAA Administrator. 

Brendan O’Leary advises technology developers, healthcare organizations, trade and professional associations, and others on digital health and medical technology development, evaluation, and regulation.

Brendan worked at the FDA for 14 years in a variety of roles focused on medical devices, diagnostics, and digital health. Most recently, he served as the founding Deputy Director of the FDA’s Digital Health Center of Excellence. Throughout his career at the FDA, Brendan contributed to hundreds of precedent-setting decisions and co-authored dozens of policies that continue to provide the foundation for the FDA’s digital health efforts. He frequently represented the FDA on digital health and other topics at conferences and professional society meetings, in press interviews, and in interactions with Congress. Brendan also made significant contributions to the federal government’s response to SARS-CoV-2.

Early in his career, Brendan designed and developed tools that were used by NASA astronauts to repair the Hubble Space Telescope. He has a B.S. in Mechanical Engineering from the University of Maryland, College Park.

Justin Post is currently a Policy Analyst (Cybersecurity) in the Immediate Office – Digital Health within CDRH’s OPEQ. The Immediate Office – Digital Health contributes to FDA’s digital health policy and to digital health related programs and activities. It also provides leadership and support to OPEQ staff with premarket and postmarket reviews in alignment with FDA guidance documents with digital health content. As part of the Immediate Office – Digital Health, Justin is primarily focused on premarket and postmarket cybersecurity policy development and implementation across OPEQ’s Office of Health Technology (OHT) 1 through 8.  

An active leader supporting Medtronic’s product security programs and reports to Medtronic’s Chief Regulatory Officer. Advise product teams on cybersecurity regulatory strategy and working on key regulatory legislation/guidance/standards such as FD&C 524B. Also spent over 21 years with Eli Lilly and Company including building Lilly’s product security program supporting Digital Health including connected diabetes management products. Actively engaged as a leader in many medical device security and digital health industry initiatives such as the Healthcare Sector Coordinating Council’s Cybersecurity Working Group Executive Committee,AdvaMed® Cybersecurity Working Group chair, MDIC Cybersecurity Working Group chair and various standards groups including the AAMI Device Security WG. 

Linda Ricci began her career developing artificial intelligence solutions in the defense industry before moving to the medical device industry as a software engineer.  She helped to develop several diagnostic cardiology devices and has participated in all phases of product life cycle development.    Ms. Ricci has held several roles since joining the FDA in 2005 across the product lifecycle and currently is the Deputy Director for the Office of Strategic Partnerships and Technology Innovation (OST).  During her time at FDA, she has led activities in several critical areas for the center including cybersecurity, digital health, and emergency response.   She has degrees in Electrical Engineering, Medical Engineering, and Public Health. 

Zach Rothstein is Executive Director for AdvaMedDx®. In this role, Zach directs the policy, advocacy, communications, regulatory, payment and legislative strategy and operations of the association, which represents manufacturers of in vitro diagnostic (IVD) clinical tests in the U.S. and abroad. Prior to this position, Zach was AdvaMed®’s Senior Vice President for Technology and Regulatory Affairs where he led the association’s efforts on digital health, software, cybersecurity and postmarket policy matters. Rothstein also participated in all aspects of the MDUFA V negotiation process, and served as AdvaMed®’s lead coordinator for its COVID-19 Action team. Zach is also a member of the World Health Organization’s Digital Health Technical Advisory Group’s Roster of Experts.

Steve Silverman is the President of The Silverman Group, a consultancy that serves medical product companies on regulatory, strategy, and policy issues. Steve also provides regulatory guidance to MedTech investors. In addition, Steve serves as an expert witness on medical product regulatory matters.

Before this, Steve worked as Vice President, Technology and Regulatory Affairs, withAdvaMed®, the leading medical-device trade association. Steve focused there on product quality and compliance, pre-market approval, and device advertising and promotion. Adding to this, Steve was a Senior Expert with McKinsey & Co., where he counseled pharmaceutical, medical device, and other clients on regulatory strategies, product compliance and quality, and stakeholder communication.

Steve’s professional experience includes nearly two decades in federal service, with extensive time in senior FDA roles. At FDA, Steve directed the CDRH Office of Compliance, where he led device-quality initiatives, engaged Congress and the press, and guided the office’s reorganization. Steve’s FDA roles include Assistant Director, CDER Office of Compliance, where he oversaw implementation of drug regulations, policy, and public communications about prescription and over the counter drugs. Steve began his FDA work as an Associate Chief Counsel, where he led enforcement actions against drug and medical device companies. Steve’s past work includes positions with the US Department of Justice and the Federal Trade Commission.

Jessica Wilkerson is a medical device cybersecurity policy expert, coming to Roche after spending over five years at the FDA as a Senior Cyber Policy Advisor and the Medical Device Cybersecurity Team Lead. At FDA, she helped draft the 2025 Premarket Cybersecurity Guidance and implement FDA’s new explicit medical device cybersecurity regulatory authorities, known as Section 524B, as well as respond to numerous medical device cybersecurity vulnerabilities and incidents. Prior to FDA, she spent five years as a staffer with the Energy and Commerce Committee in the US Congress, where she advised congressional members on complex cybersecurity topics, and investigated cybersecurity issues in the health, energy, telecommunications, and other critical infrastructure sectors. She has a JD from the Catholic University of America’s Columbus School of Law, and a BA in Policy Studies from Syracuse University, as well as minors in Computer Science and Mathematics.