Leading Healthcare Cybersecurity Firm MedSec Announces Appointment of Stephanie Domas as Vice President of Research
MedSec LLC, a leading provider of cybersecurity solutions to the medical device and healthcare industry, announced today the appointment of Stephanie Domas as Vice President of Research. Among her responsibilities will be the introduction of MedScan, a new tool which allows hospitals to assess the cybersecurity status of the medical devices on their networks.
At 31, Domas is widely recognized as one of the leading experts in healthcare cybersecurity, having contributed toward national security guidance and standards for medical devices, authored dozens of industry articles, and presented at a number of major conferences.
“Stephanie has done a tremendous job bridging the gap between hospital executives and medical device makers so that both audiences have a better understanding of the challenges and complexities they each face,” said Justine Bone, CEO of MedSec. “For a long time, these groups have been working in relative isolation despite having common ground – both want the medical equipment to operate effectively without the risk of cyber intrusions – to the benefit of patients.”
Domas, a resident of Columbus, Ohio, was previously the director of product security at Battelle.
Domas will leverage her strong relationships with medical device makers when working with hospitals on MedScan implementations. In her role at MedSec, she will facilitate collaboration between manufacturers and hospitals, and help them work through pain points on both sides. Under Domas’ guidance, MedSec will be developing additional products and services as the healthcare community strives to meet the ongoing cybersecurity challenge.
“Stephanie is a rising star in the healthcare cybersecurity industry with a track record of developing new products and services and working with clients to ensure their successful implementation,” said Bone. “She’s proven that she’s equally adept at presenting cybersecurity findings to C-level executives and boards of directors as she is finding and fixing cyber vulnerabilities.”
Domas will continue to work directly with medical device makers, as well, as they work to ensure their products are secure.
“I’ll be leading a MedSec team that will help hospitals assess the state of the devices on their networks, and facilitate with the medical device manufacturing community to determine the most effective and efficient solutions,” said Domas, who has worked extensively with medical manufactures on design, architecture, verification, testing, and execution of security best practices in the development of new medical devices. She’s also worked with CISOs, director of clinical IT security, CIOs and IT directors at hospitals and other healthcare organizations on strategies for penetration testing and cybersecurity risk mitigation of legacy systems.
Domas is an active member of the UL2900, UL5500, AAMI TIR-57, and AAMI TIR-97 standards committees, shaping industry best practices and security standards for medical devices. She is a registered Professional Engineer (PE) in the state of Ohio, and a Certified Ethical Hacker (CEH). Domas also serves as an adjunct faculty member at the Ohio State University College of Computer Engineering, where she graduated with a degree in computer and electrical engineering. She was recently named a 2017 Influential Women “One To Watch” by the Executive Women's Forum, the largest member organization serving emerging leaders as well as the most prominent and influential female executives in the Information Security, Risk Management and Privacy industries.
MedScan Scheduled for March Introduction
MedScan will be formally announced and fully available to hospitals and healthcare organizations in March. The product is being piloted at three major hospitals, where it has received passing grades from CIOs, CISOs, IT Directors. The tool is a combination of hardware, which sits on a hospital’s network, and proprietary software which runs over a secure cloud.
MedSec’s new MedScan tool creates opportunities for hospitals and medical device manufacturers to work together. Once out-of-date software is recognized, hospital staff can move connect with specific medical device manufactures to rectify the situation. Because of the custom proprietary protocols in many of the medical devices, it’s often difficult for IT managers to know which devices are even on the network. Traditional enterprise scanning tools often fail to identify medical devices because of these proprietary protocols.
“Because we work with so many device makers, we were able to build a proprietary tool that speaks these protocols,” said Bone. “Based on our pilot programs, MedScan will save hospitals hundreds of thousands of dollars in costs related to compliance, breaches, device down time, and other risk events.”
MedScan is the latest component in MedSec’s overall device security management technology suite, which includes well-respected security audit and consulting services for both hospitals and medical device makers. MedSec can help hospitals manage their software upgrades and device cybersecurity program as an additional service to the MedScan tool.
Many medical device manufacturers welcome a healthcare industry-specific product that aids them in their efforts to ensure their clients – hospitals – are running the most up-to-date software.
MedSec is a leading vulnerability research and security solutions provider for healthcare manufacturers, vendors, and providers, one of the only, if not the only, security company founded exclusively to serve the healthcare community. MedSec analyzes the quality and security of technology solutions in the medical device and healthcare industries, and partners with leading manufacturers and vendors to continuously improve quality, reliability and security for healthcare service providers.
MedSec has brought the expertise of highly specialized vulnerability researchers with backgrounds in intelligence and government environments, to help medical device manufacturers and hospitals address a growing number of security challenges. MedSec is now giving healthcare providers unique proprietary workarounds for healthcare-specific technology deployments that provide this necessary resilience to the healthcare ecosystem.