Secure Medical Device Procurement

Nick Sikorski, Manager, Deloitte & Touche LLP

• Global Strategy and Solutions Leader for Deloitte & Touche’s Product Safety and Security practice responsible for securing connected products across various industries
• Primarily works with Medical Device Manufacturers and Healthcare Providers designing, developing, and implementing enterprise level Product Security Programs
• Extensive experience assisting product manufacturers and consumer organizations with the securing of their connected products throughout the product lifecycle
• With product manufacturers, Nick has worked to implement security and privacy by design practices and to conduct postmarket patch and vulnerability management
• With consumer organizations (e.g., healthcare providers), Nick has worked to integrate security into product procurement and to implement asset management, vulnerability monitoring, and risk management practices
• Beyond consulting, Nick is active across the life sciences and health care industry through his work on the Association for the Advancement of Medical Instrumentation’s (AAMI) medical device security workgroup
• Nick received a B.S. degree in Civil Engineering from the University of Notre Dame and holds Certified Information Systems Security Professional (CISSP) and Certified Secure Software Lifecycle Professional (CSSLP) credentials

Phil Englert, Specialist Leader, Deloitte & Touche LLP

• Over 23 years of operational leadership for a large healthcare system
• While primarily focused on leading strategy, operations, and security for healthcare technology management, additional responsibilities included leading the enterprise business resilience effort, and key roles in IT security governance, incident response, and IT security standards
• Provided active governance and oversight roles for data privacy, protection, and enterprise response to data related incidents, which included incident analysis, responses based on impacted data sets and exploit vectors and governance requirements
• Provided key leadership in the development and delivery of a cooperative and integrated Clinical Engineering, IT Security, Legal, and Corporate Responsibility effort enabling a comprehensive medical device security program and ensured sustaining the mission in a cyber-hostile environment
• Technical and management experience with manufacturing and third party service organizations and has lead strategy, operations, and security for healthcare delivery vertical
• Lead multidisciplinary teams to assess and address medical device security, developed operational and quality benchmarking programs, and created and delivered successful life cycle management strategies
• A key leader in strategy and tactics development for $250M multifunctional services organization supporting over 100 Acute Care facilities in 20 states
• Championed the First Initiatives extended warranty program, resulting in more than $20M savings
• Fostered key vendor relationships & negotiated master agreement terms that altered service delivery across the industry
• Developed collaborative and flexible partnerships enabling optimal engagement in an evolving market