Health-ISAC (Health Information Sharing and Analysis Center), the nonprofit forum for helping healthcare organizations remain resilient in the face of cyber and physical security threats, has named its first director of medical device security.
Phil Englert will lead Health-ISAC’s medical device security program and work with medical device manufacturers (MDMs) to help improve privacy and security while coordinating with health delivery organizations (HDOs) to ensure implementations are practical and achievable.
Englert will serve as subject matter expert and contributor to Health-ISAC’s Medical Device Security Information Sharing Council (MDSISC), which brings together more than 300 people from HDOs and MDMs and stakeholders in medical device security to develop solutions, identify best practices and facilitate the exchange of information to help secure the use of medical devices and related practices. In addition, he will oversee initiatives around coordinated disclosure of vulnerabilities including pre-public sharing processes. He will also coordinate with regulators, government partners, standards organizations, MDMs, HDOs, industry associations and other partners to help build resiliency for emerging medical technologies and changing cyber threats.
“Because Health-ISAC recognizes the key role that medical device security plays in the overall security of the healthcare ecosystem, we have taken the step to invest in and support the sector by creating this important position and hiring Phil,” says Denise Anderson, president and CEO of Health-ISAC, in a statement. “Phil also brings the valuable perspective of being a Health-ISAC member previously and participating in the initial standing up of the MDSISC.”
Englert brings over 30 years of technical and operational leadership in healthcare and life sciences experience to Health-ISAC member organizations. He was most recently the chief product officer for MedSec, a leading provider of consulting and software services focused solely on cybersecurity for hospitals and medical device manufacturers. Prior to that he was with Deloitte and served as Global Leader for Medical Device Cybersecurity, where he led client engagements developing medical device security programs.
Health-ISAC is primarily focused on sharing timely, actionable and relevant information with each other including intelligence on threats, incidents and vulnerabilities and best practices, mitigation strategies and more. Sharing occurs both machine-to-machine and person-to-person.
Health-ISAC also fosters the building of relationships and networking through worldwide educational events and white papers.
