Friday, 12 August 2022 1000-1800PST
A Capitalist approach to hospital security
In this talk I will describe how hospitals leaders understand security for hospitals. Understanding the way hospital leaders approach security will proved IT and IS with ways to communicate with those leaders. This talk will help the attendees to understand the unique challenges that IT and IS face when trying to improve security at hospitals. It will talk about the differences between compliance and actual security. More importantly it will help the attendees develop social engineering skills that will improve the chances of security projects being approved.
Eirick Luraas is Security Architect at Sapphire Health, where Eirick defends Hospitals. Eirick spends his days discovering and mitigating vulnerabilities, occasionally doing Incident Response. Eirick earned a MS in Cybersecurity. His dog enjoys taking him for walks in the Sonora desert.
Where there's a kiosk, there's an escape
My focus is on the overarching weakness in medical device manufacturing and design. Though "standards" such as the UL2900 Series, Medical Device in the field are not retested and upgrades, adding new functionality are not always vetted. I have seen some serious mistakes testing devices that exist in the field that should not exist. We can and will do better.
What I can say without causing lawsuit is that we need to be better and plan better and actually follow through with execution, not just use buzz words. For the last 2 years I have gotten 4 CVE's from testing Medical Devices at the Biohacking Village. UL2900 series just states TO test, not WHO to have test an asset. This can lead to faulty or under achieved testing scenarios.
I plan on going over my methodology for testing, what I look for when rating vulnerabilities regarding Medical Device flaws, ways to improve the whole scenario through communication with the information security world and how partnerships can be forged to accomplish this. I also have some funny stories along the way.
Michael (v3ga) is a Principal Consultant within Secureworks Adversary group covering a wide range of testing capabilities inclusive of Red Team simulations, Network Penetration Testing, hardware and Medical Devices. v3ga currently has 4 CVE's pertaining to medical device vulnerabilities.
Department Of Defense 5G Telemedicine and Medical Training: The Future of Healthcare the Remote Warrior
Paul Young, MD
The Department of Defense (DoD) continues to change based on emerging threats to National Security, threats, fiscal constraints, technological advancements, and warrior skill requirements. In June 2020, Office of the Undersecretary of Defense (Research & Engineering) named Joint Base San Antonio (JBSA) as an experimentation site for 5G augmented reality (AR) support for telemedicine and medical training. Although telemedicine is already happening today, it is often inhibited by a lack of adequate digital connectivity supporting the data speeds and volumes needed to provide real-time remote virtual healthcare. Since 5G is a critical strategic technology, the DOD must master 5G networks, which will eventually also touch every mission and operation of DOD medicine.
As the complexity of DoD medical support missions grows to cover the domains of air, cyber, land, water, and space, multiple healthcare challenges must be addressed. Therefore, JBSA has created several experiments in partnership with DoD medical component Virtual Medical Centers and civilian research labs to allow the development of future initiatives that incorporate 5G Wi-Fi under the 5G core to provide reliable, secure, and faster capabilities for remote training, telementoring, and field or austere environment care.
The phased 3-year experimental process of JBSA’s Program Management Office (PMO) seeksto leverage emerging technologies across 5G network slicing utilizing AR, enabling smart device remote use for DoD operational field care, and improving efficiency while also enhancing readiness training, proficiency, or competency for all military medics. Paramount goals and outcomes have been identified by a Joint Medical Steering Committee (MSC) to save lives by providing resilient, fault-tolerant DoD medical support anywhere in the world. The MSC will utilize some of the issues or discussions addressed in this initial presentation to shape investments and complement end-user desires for application management under the 5G arena. This conversation of innovations will also provide solicitations and a better perspective of 5G medical support observed in the civilian sector to provide military care service options in remote settings based on current directives.
In July of 2018 after over 35 years of total Military service Col (Dr.) Paul A.Young retired from his beloved five-year position as 25 th AF Command Surgeon, Joint Base San Antonio (JBSA). In that role he was responsible for medical support of over 30,000 personnel serving in core mission elements of multisource intelligence, surveillance, and reconnaissance (ISR) in over 74 locations worldwide. As the lead medic, Dr. Young advised all ISR commanders on human factors, workplace performance optimization, risk management, healthcare plans, guidance, oversight, and operational policies. He facilitated medical care, resource manning and applied initiatives and programs that maximized occupational health, well-being, and operational performance to ensure combat readiness. His engagements also crossed over into the realm of coordinating healthcare and health initiatives with the Air National Guard and AF Reserve Component entities, the National Security Agency, and the Department of State. Dr. Young also worked as DoD ambassador for numerous international security and Partner Nation phase zero operations. In his current role since Oct 2020 as JBSA’s 5G Executive Telemedicine Investigator, Dr. Young advises on DoD telemedicine program concepts for the Office of the Undersecretary of Defense, Research and Engineering (OUSD R & E). He facilitates incorporation of future wireless technologies into telemedicine and medical training, proposes interoperable initiatives, defines strategic plans, and investigates experiments which will eventually bring secure and untethered medical capabilities to the “Operational Edge” for all DoD medical personnel.
The Light Collective will share how ad targeting tools in healthcare leak PHI from hospitals and other HIPAA covered entities at an unprecedented scale. We'll cover the ways surveillance capitalism in healthcare has caused harm to patient populations during the pandemic. We'll walk through common marketing tactics and techniques used in healthcare which create an effective kill chain when exploited. Finally, we'll discuss legal & policy implications.
Jillian Simons: Jillian Simons is a passionate advocate for the rights of individuals when it comes to data privacy and protection. She is a U.S. Navy veteran with 18 years of experience in data privacy and security, served eight years in the military as a cybersecurity analyst Her work focuses on consumer rights and corporate obligations relating to data privacy and security. Jillian also has intellectual property experience in the health/life sciences industry and is a graduate of Harvard Law School, where she focused on policy and cyberlaw, and Georgetown University, where she focused on leadership and ethics.
Valencia Robinson is a breast cancer survivor, co-founding member of The Light Collective. As a patient advocate with 15 years experience working in the breast cancer community, Valencia is working to advance digital rights for patients and ensure technologies affecting the lives of her community have representation from people of color in the governance and design.
DIY Medicine With Unusual Uses for Existing FDA-Approved Drugs
Not only are there plenty of cures and treatments which stay on the shelf, inaccessible because they were never approved by the FDA, but there are also drugs which have already been approved, but are not generally prescribed for their best uses. Viagra cures menstrual cramps better than it treats ED, but doctors will not prescribe it for that. There is a decades-old substance which arrests and fixes tooth decay without drilling, approved by the ADA, but no dentist will ever tell you about it. You can easily give yourself an abortion with existing ulcer drugs, but they require a trick to acquire. Anxiety, depression, poor sleep, and bad digestion are all linked to GABA deficiency, which often has its roots in the deficiency of a precursor which only comes from gut bacteria. You can repopulate your gut with those bacteria with supplements which are GRAS [FDA designation: generally recognized as safe], cheap and not patented; but for this exact reason, you're much more likely to instead be prescribed zoloft, valium, protonix, and ambien. The medical industry seems be ignoring long covid while there is a decades-old drug for a rare disease which can cure most autoimmune-presenting instances of long covid. Come see all this and more, as we show you how to hack medicines which are already on the shelf.
Mixæl Swan Laufer worked in mathematics and high energy physics until he decided to tackle problems of global health and human rights. He continues to work to make it possible for people to manufacture their own medications and devices at home by creating public access to tools and information.
Gird your loins: Premise and Perils of Biomanufacturing
This year we have had a lot of new disclosures and vulnerabilities in the Bio Manufacturing space. In a new twist, we have new threats that have been thrust into the public consciousness. The world has been made aware of nation-state-level attacks that can wipe out whole companies, by accident, and worse yet it is becoming the norm. What can we as Bio-Hacking Security geeks do? What are the 5 things that can best protect us from external attacks and how can we implement them with little budget to no budget?What will you learn from this talk:
Critical ways to evaluate your current security posture
5 things that you can do in your company that will give you more security or visibility
HowWay to talk about those things with your company leaders, to get their buy-in.
Nathan Case is a successful executive and builder, pushing for change in security and the culture surrounding it. Leading strategic initiatives and the creation of new technologies in the healthcare, information technology and cloud industries, focusing on security. Focusing on a passion for Incident Response, and operational security in all forms. Pushing the bounds of threat detection and response. Finding new thoughts and bringing them to the fields of security and technology.
How to have an extraterrestrial conversation. Active METI Principles and Hackathon!
Chris Richardson and Éanna
1430 - 1545
This workshop is on Messages to Extra-Terrestrial Intelligence (METI) and their principles. During the workshop, you will decode an active METI and then you will work together to think about, design, and create the next active METI. We will broadcast the workshop’s fan favorite METI over VHF to Proxima b in the Alpha Centauri System, as decided by the discord.
Chris is a designer and multidisciplinary space scientist focusing on the human factors of planetary settlements, currently exploring the role decentralization can play in generating METI. He got his bachelor’s in international relations at Virginia Commonwealth University in Richmond and he is currently pursuing a master’s in space studies at International Space University in Strasbourg.
Éanna is an astrophysicist that has a penchant for being able to understand and expand upon humanities concepts while being able to talk to the human motivations for scientific advancement and exploration. She got her bachelor’s in astrophysics at Trinity College in Dublin and she is currently pursuing a master’s in space studies at International Space University in Strasbourg.
Medical Device Hacking: A hands on introduction
Malcolm Galland, Caleb Davis, Nathan Smith, Carolyn Majane, Matthew Freilich
Medical devices can provide life-saving and quality of life improvements for the patients who use them, but these devices frequently use embedded systems that are vulnerable in a number of ways. Bypassing and/or sniffing the physical and wireless interfaces, extraction and manipulation of firmware, and even data exfiltration can be performed with some surprisingly simple attacks. This discussion will cover how years of penetration testing has shown that these vulnerabilities are present industry-wide as well as some simple ways to mitigate the risks of attack. Following the presentation stick around for a hands-on workshop where you can pick the brains of several embedded penetration testers and try out some of the embedded testing techniques on display.
Malcolm Galland is a leader and mentor in Protiviti’s Embedded & Medical Device security division, where he regularly performs device security penetration testing on medical devices and across a wide range of other products. Malcolm’s deep technical expertise is clearly visible when he’s presented with the opportunity to teach members of the team and others.
Nathan Smith, has a background in embedded hardware/software development, is an inventor/patent holder, and performs device security penetration testing in various business sectors including medical devices.
Caleb Davis is also a leader in Protiviti’s Embedded & Medical Device security division, inventor/patent holder, has a background in embedded hardware/software development, and regularly performs penetration testing across a wide variety of products mainly focusing on medical devices, ATMs, chemical control systems, security systems, and other commercial products.
Carolyn Majane is an embedded penetration tester who focuses primarily on device security assessments in the medical field and is well versed in testing up and down the technology stack from embedded hardware, firmware, through the software/applications that control devices.
Matthew Freilich has been working in security for the past 15 years and started penetration testing with physicals, internal/external networks, and web applications - but the past seven years has focused on hardware and medical devices. He now helps organizations develop medical device and product security programs. Both speakers will also help facilitate the workshop.
Saturday, 13 August 2022 1000-1800PST
Space Station Sapians: Health is out of this world
Josef Schmid, MD
Dr. Schmid will provide an overview of the NASA space medicine operations current spaceflight challenges and opportunities in the context of the environments of care including air, space and terrestrially in our domestic and international health systems. He will provide a worldwind tour of Space Medicine origins, space telemedicine, medical training required, extreme environments of care, NASA international and off the planet medical operations, mission planning, space physiology, longitudinal surveillance of astronaut health, current and future missions, commercial space flight and new vehicles. Dr. Schmid will introduce the Holoportation Project, the first Holographic Transportation of humans to space, new technologies and opportunities for collaboration and problem solving with NASA.
NASA Flight Surgeon • Aquanaut • Air Force Major General (Ret)
Dr. Josef Schmid is a Flight Surgeon at NASA and a Major General (Retired) in the United States Air Force Reserves. His patients are the current and past Astronauts and their family members, and include an X-15 pilot, Shuttle, Space Station and Apollo Astronauts who have walked on the Moon. He became an aquanaut during a 12 day mission to NOAA’s undersea Aquarius habitat during NASA’s NEEMO 12.
Dr. Schmid has been a crew surgeon for shuttle missions STS-116, STS-120, STS-126 and for multiple long duration missions supporting the International Space Station including Soyuz launches and landing operations in Kazakhstan for expeditions 18, 24, 29, 39, 48, 56, and 63. He serves as the Lead for Medical Operations for the new Orion vehicle and Artemis Missions that will return humans to the Moon.
Dr. Schmid is the previous lead for Space Medicine Training, responsible for training medical students, other flight surgeons, astronaut crew medical officers and biomedical engineers, former Co-director for the Aerospace Medicine Residency at the University of Texas Medical Branch, Galveston. He has led missions teaching life saving surgical skills in Nepal, Rwanda, Mexico, Romania, Bosnia and Sri Lanka.
I looked at 3 different COVID at-home tests this year (2 used Bluetooth, one used a camera). I tried to identify weaknesses in these tests, and with the Bluetooth specific tests I was able to fake a positive test result. In theory, my research can be used to fake a negative result as well.
Ken is a Principal Security Consultant at F-Secure who specializes in mobile security, with a hint of IoT security. He has a love/hate relationship with the medical field, as he's been involved with that field for over 10 years.
The Manufacturers Disclosure Statement for Medical Device Security, or MDS2, has become increasingly ubiquitous as a source of information about the security capabilities of IoMT devices, but many organizations still find operationalizing the information contained within to be challenging. In this talk, learn how to best analyze the MDS2 form to gather security data, and how to leverage the data contained within the MDS2 form to improve your IoMT security posture across the device lifecycle, both for pre-procurement risk assessments and post-procurement management and hardening.
Jeremy Linden is Sr. Director, Product Management at Asimily. He has over 15 years of experience in the cybersecurity industry as a product manager, engineer, and security analyst. Prior to Asimily, he led product management teams at Expanse, OpenDNS, and other security companies.
All information should be free . . .
(except the brain data you want to keep in your head)
When Isaac* arrived at our Emergency department in a critical condition, the last place we thought to investigate was within the Deep Brain Stimulator (DBS) inside his head. Medical device failures or 'medical hacks' are not constituents of practitioner training, and the consequences were immediately apparent as we attempted to care for the patient . Isaac's recovery was due to the resetting of the DBS settings by the programmer, and not as a result of medical attention.
The use of implanted neuromodulation is increasing in both the medical and consumer space, yet the telemetric nature of these closed looped systems expose them to a range of vulnerabilities [2-4]. Unlike hacks on insulin pumps and pacemakers, there is currently no research on hacks of brain-computer interfaces [1, 5].
Interactions between hardware and neuroanatomy invoke a range of unexpected symptoms - for Isaac the DBS error induced intense emotions and motor disturbance. An understanding of these biotechnological syndromes requires expertise from computer scientists, engineers, biomedical experts and hackers who can expose system flaws. We bring this case to DEFCON to foster collaboration between the medical and hacking community, to improve the care of patients like Isaac, who present with medical emergencies resulting from technological failures.
Isabel is an Emergency Doctor in London with a background in public and global health, currently pursuing a PhD in ‘Artificial Intelligence (AI) in Healthcare’ at University College London (UCL).
Breaking the Intelligence Cycle - how to tailor intelligence functions to your needs?
Threat Intelligence has become a buzzword in the last few years, and almost every organization now understands the need for intelligence to enable better protection in the organization. The intelligence function is decisive in the ability of the organization to be proactive in security, but what do we really know about establishing this function, and how can we tailor the function to our intelligence needs and our protection capabilities? In "Breaking the Intelligence Cycle", Ohad Zaidenberg, Threat Intelligence Strategic Leader and the founder of the CTI League, will review the steps that need to be taken to create this tailor-made function with considerations for the maturity level of the recipient stakeholders. Moreover, Ohad will present brand new methods for establishing PIRs and disseminating intelligence, especially for the medical sector.
Ohad Zaidenberg is the threat intelligence strategic leader at ABInbev and the CTI League founder. Over the past ten years, Zaidenberg has focused on establishing tailor-made intelligence functions and researching adversaries and disinformation. Zaidenberg was also the lead researcher of ClearSky.
The introduction of an SBOM in the 2018 FDA premarket cybersecurity guidance, and inclusion in update 2022 quality system considerations guidance, has become a rallying cry for SBOM adoption across the healthcare industry. However, three years on and progress has been incremental in generation, adoption, distribution and consumption. The end objective is knowing when a vulnerability impacts an ecosystem.This talk shares some observations, practical / technical insights into challenges, and paints a picture of the potential future we could have.
Mike is the cofounder of MedCrypt, a medical device cybersecurity startup based in San Diego, CA. Leo is a Senior Software Development Engineer on MedCrypt’s Heimdall project and a forever DM.
Cyborg and Mutant Rights: Radical Inclusivity and Intersectionality in the Biohacking World
Cyborgs and mutants are not fictional creatures relegated to the realm of sci-fi and superheroes, they are all around us: regular people with pacemakers and prosthetics, with cancer and chronic illness, as well as gender queer and neurodivergent people. For cyborgs and mutants, biohacking often isn’t just a hobby, it is a method of survival. This workshop aims to examine the history, ethics, and legalities of various forms of biohacking and their impact on gender queer, disabled, chronically ill, and neurodivergent persons.
Berkelly Gonzalez is a biohacker and undergraduate Physics student studying at UC Berkeley who is passionate about issues surrounding healthcare as a human right, bodily autonomy, and accessibility within the scientific community.
Natural Disasters and International Supply Chains: Biomedical and Pharmaceutical Review
How Puerto Rico was once prime real estate for medical and pharmaceutical manufacturers to provide devices and services to mainland America. With the dissolution of certain tax abatements and natural disasters, these manufacturers moved to other countries leaving behind facilities ready for use.
Medical Doctor and Public Health Consultant and Researcher
This presentation is on planning for cybersecurity risks that are inherent within healthcare facility control systems. Traditional standalone OT systems that operate our building (HVAC, electrical, etc) are systems are essential components to a typical healthcare facility’s operation.
The evolution and market demand for smart and sustainable buildings is driving convergence of IT, IoT and OT systems. The return on investment offered by these technologies could be eliminated by a single cyber event without planning for cybersecurity and resilience, or even worse, can affect patient life safety due to interdependencies of systems.
This presentation shows how to recognize potential cybersecurity risks from integrated control system technologies and data integration, and how owners have successfully implemented secure, resilient, and maintainable solutions through application of a risk management framework within facility design.
David Brearley (GICSP, PMP) is a senior professional associate and Operational Technology Cybersecurity Director at HDR. David has nearly 20 years of international experience in providing IT & OT solutions, services, and consulting covering the comprehensive control system lifecycle.
Cyber-biosecurity is neither a biology-only nor a cyber-only challenge. As biotechnology
continues to develop and the way that science is practiced evolves, so too does the nature
of crime. In this talk, I will present a framework for mapping biotechnology crime and misuse
opportunities with the aim to inform, influence and underpin evidence-based policymaking in
the UK and abroad and, where relevant, to change organisational culture and practices, to
improve national security.
Mariam Elgabry, PhD is a Cyber Fellow at Yale University Law School with a PhD in Cyber-Biosecurity from the Dawes Centre for Future Crime and the Advanced Biochemical Engineering departments at UCL. Mariam’s background is in deep-tech and bioengineering, developed from leading award-winning projects in industrial settings, during her time at Astra Zeneca and Microsoft. Her work on biotechnology crime has been recognized by the UK Parliament Joint Committee for National Security and the United Nations. Mariam is founder of bronic (www.bronic.co), a security design platform for emerging technologies.
Over the course of the past two years, our group has finished a number of projects which allow for people to take control of their own health. Automatic external defibrillators can cause someone who is in [certain types of] cardiac arrest to merely wake up, but only if they get it soon enough. However, they cost thousands of dollars. We have an open-source version which can be built for $500 by any mid-level hobbyist, and meets all CE and FDA requirements. Additionally, we have adjoint tools for the AED which increase the save rate, and reduce the likelihood of brain damage. We also have an open-source DIY automated chemical reactor, with which people can manufacture their own drugs. We will be demonstrating the device and releasing complete instructions and programs for it, including one which makes Narcan out of Vicodin. Lastly, we will have a live demonstration, and give public online access to an AI which can discover drug synthesis pathways. Come see all this and more, as we release detailed documentation explaining how to build devices yourself which can save your life.
Mixæl Swan Laufer worked in mathematics and high energy physics until he decided to tackle problems of global health and human rights. He continues to work to make it possible for people to manufacture their own medications and devices at home by creating public access to tools and information.
Zac Shannon is a grinder and multi-hobbyist. He receives gratification from applying lessons learned from one field of interest to another, especially when it results in the improvement in the lives of others."
Abraxas has taken a break from poetry and geometry to defend human rights on the global health stage. He likes burgers, and his favorite color is probably chartreuse.
Sunday, 14 August 2022 1000-1400PST
This light installation "Memento Vivere" is made up of several connected objects, which will interact with spectators as they pass through the event space. The aim of this multidisciplinary project is to give viewers an experience at the intersection of art and technology, by pushing the public to think critically about the relationship between technology and cognitive function (or even dysfunction).
The installation consists of a series of electroluminescent cables that emerge out of a skull structure built using 3D pen technology. The cables together form a massive connected object, which responds to the interactions of its spectators. Different cables and sectors of the installation will light up according to the movement in front of the piece, the acoustic vibration, and the electronic objects that are present in the room. The spectator is thus encouraged to move and walk in front of the installation, to discover the actions that stimulate the brain.
The IoT technology used in this piece reflects the guiding question of this project: over time, how does the Internet influence our mental functions, human creativity, and the connections between people? IoT sensors can be used to stimulate, and perhaps even expand, the brain's function. However, when taken to its extreme, the overstimulation generated by a constant flow of information from IoT capture points to the brain, leads to a degradation of some of the functions that make up the foundation of a human being. I hope to convey the message that technology creates an important bridge between people and ideas, while encouraging healthy criticism or interrogation of the influence that digital tools have in our lives.
This project is being developed in collaboration with Dr. Frederik Van Gestel, a neuroscience researcher at UZ Brussel, who focuses on the uses of XR technologies in neuro rehabilitation. This piece was first initiated through research funding provided by the Fédération Wallonie-Bruxelles.
Ricardo Martinez Herrera (Riikc) is a Mexican artist based in Brussels, Belgium. His work focuses on the intersections of technology and art, including themes related to human anatomy; mathematics, particularly geometric patterns found in nature; and the interactions between nature and the built environment. His artistic approach focuses on combining traditional methods with new materials and approaches, to highlight the continued or even renewed relevance of ancient techniques.
A self-taught approach underlies much of his artistic work. To fund his studies in sculpture, Riikc spent 10 years working in the digital sector, as a web developer and visual content creator. After finishing his MFA in sculpture (2016) at the Académie Royale des Beaux Arts in Brussels, Ricardo then launched his own technology and communications agency. Today, Riikc draws on his experiences in both the fine arts and the technology sectors, to create artwork that spans several genres, including metalwork; digital art; 3D printing and drawing; connected art; and mixed media artwork.
Since 2017, Ricardo has been working with the 3D pen company, 3Doodler, to develop their STEAM education strategy and content. His approach has focused on how this new, hands-on technology can be used to make science education — in particular human, animal, and plant anatomy — more accessible.
In 2021, Ricardo received a research grant from the Fédération Wallonie-Bruxelles to continue his sculptural work. This grant supports his materials research into 3D pen and bronze sculpting, as well as the development of a connected light installation using IoT capture points.
Reality is in the eye of the beholder
The magic of Augmented and Virtual Reality are changing the way we game, interact, and how health and medical care will be for patients. Telehealth visits with hologram physicians, video game intercontinental surgical procedures - the possibilities are endless. Join us for these interactive sessions.
XR for Literally Everything, Everywhere, All at Once
Everyone is cashing in on opportunities to buy and sell, anything in the mythical metaverse. A world driven by augmented reality (AR), virtual reality (VR), mixed reality (MR), and every other combination of reality you can imagine. It’s the metaverse of madness now. XR or extended reality is how we are going to smoosh all these together. What are the odds that security, safety, and privacy are at the top of mind for companies developing XR Tech? Let’s spend a minute or two in the vast world of XR and specifically in MedTech and Biotech to check out the mind-blowing progress in hardware, software, and infrastructure. And hey, maybe we hacks stuff along the way.
Ms. Skelly has more than twenty years’ experience providing security and strategic solutions to include personnel, physical, and cyber security. She brings more than ten years in government service with a focus on National and Homeland Security. Ms. Skelly served in the US Army as an Explosive Ordnance Disposal Technician and went on to work for DHS in the Office for Infrastructure Protection. In this capacity she ran vulnerability assessments and exercises on Critical Infrastructure assets throughout the Nation, developing the first systems assessment approach for Critical Infrastructure. In addition to government service, Skelly has ten years’ experience with the private sector in Technology & Security Business Management and Strategy. Her former roles include Director of Strategic Partnerships, VP of Sales and Marketing, VP of Global Partnerships, Chief Revenue Officer, Chief Growth Officer, CEO, and Board Member. Her expertise in business strategy, crisis management, cybersecurity, intelligence analysis, and Homeland Security make her an admired and respected leader among her colleagues. Skelly has been recognized as one of the Top 25 Women in Cybersecurity 2019 by Cyber Defense Magazine, by The Software Report in the Top 25 Women Leaders in Cybersecurity 2019, and one of the Top Female Executives by Women World Awards in 2019. Skelly is also a mentor and coach for Cyber Patriot, Girls Who Code and, was awarded the Women’s Society of Cyberjutsu Mentor of the Year for 2019, and Top Women in Cybersecurity 2020 by Cyber Defense Magazine.