DRAFT Agenda

The following is a DRAFT Agenda for the CyberMedRx Summit on Medical Cyber Safety.

Friday, December 4, 2015

8:00 – 8:50 Registration and Breakfast (provided by OWASP Boston)

8:50 – 9:00 Welcome! Overview of the day | Joshua Corman | I Am The Cavalry

9:00 – 10:30 Foundation Setting

  1. Safer, Sooner: Challenges and Opportunities | Joshua Corman | I Am The Cavalry
  2. Facts & Fiction: The FDA in Their Own Words | Suzanne Schwartz, MD, MBA | Food and Drug Administration
  3. Highlights & Harmonization: MITRE’s Multi-Stakeholder Project  | Margie Zuk & Steve Christey Coley | MITRE
  4. Demystifying Disclosure: How & Why to Get Started | Art Manion | Carnegie-Mellon CERT-CC / Co-Editor ISO Standard on Disclosure

10:15 – 10:30 Break

10:30 – 12:30 Lightning Talks: Establishing Empathy & Stakeholder Perspectives*

  • Large Medical Device Manufacturer
  • Small Medical Device Manufacturer
  • Large Healthcare Delivery Organization
  • Small Healthcare Delivery Organization
  • Cybersecurity Vulnerability Researcher
  • Academic Medical Researcher
  • Patient and/or Patient Advocacy
  • Physicians and Caregivers
  • Biomedical Services
  • Payers and Insurance
  • Medical Technology Investors
  • Press and Media
  • Legal
  • Policymakers
  • Regulators

12:30 – 13:30 Lunch and discussion. Nominating and voting for Open Space Technology style working groups**

13:30 – 15:00 Working groups** – Topics decided by participants, some examples below

  • Coordinated disclosure
  • Regulatory hurdles
  • Access to devices for security research
  • Overcoming economic hurdles for small organizations
  • Simple threat modeling and hazard analysis
  • Cyber patient bill of rights

15:00 – 15:30 Summary and Wrap Up

*Each stakeholder group will give a talk, in the following format.

  • Who we are
  • Thumbnail of our mission
  • Fear: If we get this wrong… What we most fear
  • Hope: If we get this right… How we could be better at ___
  • Ask: What we most need now
  • Offer: How we can maybe offer of help/participation to other stakeholders?

**Guiding principles for Open Working Groups, taken from the Open Space Technology Rules.

  1. Whoever comes is the right people …reminds participants that they don’t need the CEO and 100 people to get something done, you need people who care. And, absent the direction or control exerted in a traditional meeting, that’s who shows up in the various breakout sessions of an Open Space meeting.
  2. Whenever it starts is the right time …reminds participants that “spirit and creativity do not run on the clock.”
  3. Wherever it is, is the right place …reminds participants that space is opening everywhere all the time. Please be conscious and aware.
  4. Whatever happens is the only thing that could have, be prepared to be surprised! …reminds participants that once something has happened, it’s done—and no amount of fretting, complaining or otherwise rehashing can change that.
  5. When it’s over, it’s over (within this session) …reminds participants that we never know how long it will take to resolve an issue, once raised, but that whenever the issue or work or conversation is finished, move on to the next thing. Don’t keep rehashing just because there’s 30 minutes left in the session. Do the work, not the time.