D0 No H4RM: A Healthcare Security Conversation

Presented at DEF CON 25 (2017), July 29, 2017, 8 p.m. (120 minutes)

Previously a free-flowing, fast moving conversation between old friends and new colleagues in a dimly lit and alcohol soaked off-strip hotel suite, the third annual edition of "D0 No H4rm" moves to the better lit and even more alcohol soaked auspices of the DEF CON 25 Evening Lounge for a two hour session that links makers, breakers, and wonks in the healthcare space for a continuation of what may be one of the most important conversations in all of hackerdom- how to ensure the safety and security of patients in a system more connected and vulnerable than ever before. Join physician researchers quaddi and r3plicant, and researcher turned wonk Beau Woods as they offer an update on the state of the field and curate an interactive and engaging panel before breaking out the bottle and getting social. Continuing a tradition that has sparked professional connections, project ideas, and enduring friendships, "D0 No H4rm" aims to offer a prescription for the future, and we want your voice to be heard.


  • Jeff Tully MD / r3plicant - Hacker   as Jeff "r3plicant" Tully MD
    Jeff Tully is an anesthesiologist, pediatrician, and researcher with an interest in understanding the ever-growing intersections between health care and technology. Prior to medical school he worked on "hacking" the genetic code of Salmonella bacteria to create anti-cancer tools, and throughout medical training has remained involved in the conversations and projects that will secure healthcare and protect our patients as we face a brave new world of remote care, implantable medical devices, and biohacking. @jefftullymd
  • Suzanne Schwartz, MD, MBA - Associate Director for Science & Strategic Partnerships, FDA'Center for Devices & Radiological Health (CDRH)
    Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA's Center for Devices & Radiological Health (CDRH). Among other public health concerns, her portfolio has most notably included medical device cybersecurity, for which she chairs CDRH's Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health critical infrastructure sector. Before FDA, Suzanne was a full time surgical faculty member at Weill Cornell Medical College.
  • Jay Radcliffe - Senior Security Consultant and Researcher, Rapid7
    Jay Radcliffe is a Senior Security Consultant and Researcher at Rapid7. He is an offensive penetration tester with a knack for hardware hacking and embedded device security. He has given dozens of presentations at conferences around the world including DEF CON and Blackhat including several on the security of insulin pumps.
  • Michael C. McNeil - Privacy and security expert, Philips Healthcare
    Michael C. McNeil is a noted privacy and security expert who leads the Global Product Security and Services organization at Philips Healthcare. In this capacity, McNeil leads the global product security and data protection program for the company. He is also a member of the Visual Privacy Advisory Council (VPAC) , Medical Device Privacy Consortium (MDPC), Medical Device Innovation, Safety and Services Consortium (MDISS) and a frequent speaker at privacy and security conferences around the world.
  • Joshua Corman - Director of the Cyber Statecraft Initiative at the Atlantic Council's Brent Scowcroft Center
    Joshua Corman is the director of the Cyber Statecraft Initiative at the Atlantic Council's Brent Scowcroft Center and a founder of I am The Cavalry (dot org). Corman previously served as CTO for Sonatype, director of security intelligence for Akamai, and in senior research and strategy roles for The 451 Group and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world's increasing dependence on digital infrastructure. Josh's unique approach to security in the context of human factors, adversary motivations, and social impact has helped position him as one of the most trusted names in security. He also serving as an adjunct faculty for Carnegie Mellon's Heinz College and on the 2016 HHS Cybersecurity Task Force.
  • Beau Woods - Deputy director of the Cyber Statecraft Initiative in the Brent Scowcroft on International Security
    Beau Woods is the deputy director of the Cyber Statecraft Initiative in the Brent Scowcroft on International Security. His focus is the intersection of cyber (yes, he'll drink for that) security and the human condition, primarily around Cyber Safety. This comes out of the I Am The Cavalry initiative, ensuring the connected technology that can impact life and safety is worthy of our trust. Beau started his career working at a regional health provider, protecting patients by defending medical data and devices. @beauwoods
  • Christian Dameff MD MS / quaddi - Hacker   as Christian "quaddi" Dameff MD MS
    Christian (quaddi) Dameff is an emergency medicine physician, former open capture the flag champion, prior DEF CON speaker, and researcher. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Security research topics including hacking critical healthcare infrastructure and medical devices. This is his thirteenth DEF CON. @cdameffMD