What MedTech Can Learn From SaaS Cybersecurity: Talk

MedTech can learn a great deal about successful DevSecOps (Development Security Operations) from Software as a Service (SaaS) companies. DevSecOps is a key modern engineering method for getting ahead of application security issues by fusing best practices for secure software development into the normal flow of an organization’s processes. It fosters a culture where cybersecurity is top of mind for developers, engineers and product owners.

Bruce Parr, a DevSecOps expert, has previously spoke with Orthogonal about his multi-year journey helping to lead the DevSecOps implementation at the fast-growing and well-regarded SaaS payroll provider, Paylocity. Bruce brings his unique perspective on cybersecurity to “Lessons Learned from Paylocity’s Ongoing Journey into DevSecOps,” on December 12th, 1:50–2:50 PM EST, as part of AdvaMed’s Cybersecurity Summit 2022. (The Cybersecurity Summit is a paid event. To attend this session, you must register directly with Advamed.)

This wide-ranging discussion with Bruce will also feature one of MedTech’s prominent thought leaders on cybersecurity, MedSec’s CEO Michelle Jump, and will be moderated by Orthogonal’s Chief Solutions Officer Randy Horton. Attendees will hear firsthand how a handful of experts on Bruce’s DevSecOps team supports hundreds of software developers in achieving continuous improvements in application security, while also meeting their aggressive product development deadlines and quality and budget KPIs.

Speakers:

Bruce Parr, Application Security DevSecOps Manager, Paylocity

Bruce is currently the manager of the Application Security DevSecOps team at Paylocity, where he has grown the team from two engineers to eight since 2021. The team regularly supports more than 800 internal clients using a combination of automation and tooling, custom built software, and old-fashioned advisory services to help ensure that Paylocity’s products and users are secure. Bruce has more than 20 years experience as a self-taught software developer/engineer at companies ranging from start-ups to Fortune 500, and remembers when cyber-bullying was knocking the stack of punch cards from classmates’ hands. He has a Bachelor in Music (Jazz Studies) from Indiana University and an MBA from the University of Pittsburgh. Bruce currently resides in Pittsburgh, Pennsylvania, and is proudly owned by a wife, two sons, and two cats.

Michelle Jump, CEO, MedSec

Michelle Jump is at the helm of MedSec’s growth, expansion, and overall success strategies. She is an active participant in the development of U.S. and international standards and regulations surrounding medical device cybersecurity. Recognized for her deep industry knowledge, she frequently serves as a panel member, session leader, and presenter at events focused on cybersecurity in healthcare.

​Michelle is the co-chair for the Software working group and the Health Software Quality working group, both part of the Association of the Advancement of Medical Instrumentation (AAMI). She has served on the AAMI Standards Board and has participated as the primary U.S. representative for the International Medical Device Regulators Forum (IMDRF) where she was part of the “Software as a Medical Device” working group.

Randy Horton, Chief Solutions Officer, Orthogonal

Randy has spent over a decade working with healthcare and life sciences organizations to tackle the Quadruple Aim: 1) optimizing health system performance by improving the individual experience of care, 2) advancing the health of populations, 3) reducing the per capita cost of care, and 4) enhancing the work-life of those who deliver care. Randy brings strong experience, expertise, and creative business thinking to his leadership role – along with nearly three decades of experience with Internet-enabled digital transformation and a passion for being a connector of people and ideas. He helps organizations break through to their “what’s next” by building new capabilities and launching innovative, digitally enabled – and highly successful – products and services.