Meet The Experts
Healthcare Cybersecurity Experts
Whether you choose MedSec’s MedScan system for your health system, or if you engage our team of consultants, you’re tapping into the industry’s most sophisticated, most diverse, and most expert team of cybersecurity experts.
Not only will you work with technologists, coders, and data analysts who have advanced, sophisticated knowledge of cybersecurity, but you’ll be working with experts who have contributed to the development of international guidelines for device regulation, cybersecurity, privacy, patient safety, interoperability, including guidelines used by the FDA and other global regulatory bodies.
Justine Bone is CEO of MedSec and a seasoned information technology and security executive with far-reaching experience in software security research, risk management, information security governance, and identity management.
Her previous roles include Global Chief Information Security Officer at Dow Jones, Global Head of Information and Physical Security at Bloomberg L.P., CTO of Secured Worldwide, a NYC-based FinTech company, and CEO of the security research firm, Immunity Inc.
Justine began her career as a vulnerability researcher with Internet Security Systems (now IBM), X-Force, and New Zealand's Government Communications Security Bureau. She also has a background in the performing arts as an ex-dancer with the Royal New Zealand Ballet company.
Justine chairs the board of directors of Miami Children Corp., and she serves as a member of the HP Security Advisory Board, as well as the CISO Summit and USA Blackhat Review Board. In addition, Justine is on the faculty of the Institute for Applied Network Security where she focuses on Cybersecurity Policy & Governance. She is also the organizer of The Pwnies, an annual awards ceremony celebrating the achievements and failures of security researchers and the security community.
Chief Revenue Officer
John Hamm is chief revenue officer at MedSec where he leads the company’s efforts to grow its cybersecurity team and, more broadly, to expand MedSec’s cybersecurity point solutions.
John has a decades-long track record of successfully building partnerships with healthcare professionals and their organizations to reduce cyber risk, improve clinical outcomes, and increase operational efficiency. In addition to working with integrated delivery networks, hospitals, and health systems, John works with medical device manufacturers for the continued development of Internet of Medical Things (IoMT) cybersecurity applications, tools, and services.
John previously worked at Fortified Health Security, where he was responsible for providing strategic products and services to the healthcare industry to protect data and prevent cyber-induced patient harm. Prior to that, he served as national sales manager with GEHC, president and CEO at Messenger Enterprises Corp, and a managing partner at various healthcare specialized corporations.
John has been an active member of numerous industry groups, including, the Healthcare Information Management and Systems Society (HIMSS), the Medical Group Management Association (MGMA), and the Healthcare Financial Management Association.
John is a USMC Veteran and a former Firefighter/Engineer/EMT.
Chief Technology Officer
Andrew Donarumo is chief technology officer of MedSec, where he manages MedSec’s implementation of MedScan installation nationwide at hospitals, health systems, and other healthcare delivery organizations (HDOs).
Andrew has spent dozens of years tackling security challenges, from strategic to tactical, and has held leadership roles in many high-profile companies. Prior to joining MedSec, he served as enterprise architect at Genpact, where he led the company’s Oasis Technology Department, including development, promotion, and adoption of technology strategy, best practices, and standards.
Andrew also served as enterprise architect and technology evangelist at Bridgewater Associates, and as chief technology officer, internal systems, for Dow Jones.
He contributes regularly to industry-facing webinars and thought leadership pieces on the topic of hands-on technical solutions, logic and design gaps, and analyzing business processes.
Executive Vice President
Stephanie Domas is executive vice president at MedSec and has dedicated her career to addressing the challenges that medical device manufacturers face, including interconnectedness, optimal performance, and security.
In her role at MedSec, Stephanie leads the development of cybersecurity products and services to support medical device manufacturers in the areas of design, architecture, security risk management, regulatory filings, penetration testing, and execution of security best practices. She also works on vulnerability and asset management of connected medical devices in hospitals.
Stephanie contributes to standards committees dedicated to integrating cybersecurity into product design, manufacturing, and maintenance. She also partners with her fellow MedSec colleagues to spread awareness and education about cybersecurity.
She is a member of the Association for the Advancement of Medical Instrumentation (AAMI) and Underwriters Laboratories, Inc. She is a registered Professional Engineer (PE) and a Certified Ethical Hacker (CEH).
Stephanie has given a TEDx talk on medical product security, published several articles on medical cybersecurity topics, and has presented at industry leading events on medical cybersecurity. She also serves as an adjunct faculty member at Ohio State University College of Computer Engineering.
Stephanie earned a Bachelor of Science degree Ohio State University in electrical and computer engineering.
Global Regulatory Advisor
Michelle Jump is global regulatory advisor for MedSec as well as an active participant in the development of U.S. and international standards and regulations surrounding medical device cybersecurity. Among her activities, she frequently serves as a panel member, session leader, and presenter at events focused on cybersecurity in healthcare.
Michelle is the co-chair for the Software working group and the Health Software Quality working group, both part of the Association of the Advancement of Medical Instrumentation (AAMI). She has served on the AAMI Standards Board and has participated as the primary U.S. representative for the International Medical Device Regulators Forum (IMDRF) where she was part of the “Software as a Medical Device” working group.
Michelle is RAC certified and a Certified HIPAA Administrator.
Principal Healthcare Cybersecurity Advisor
Kevin McDonald is principal healthcare cybersecurity advisor at MedSec. Kevin has 40 years of healthcare experience in direct patient care, electronic medical record implementation, design and beta implementation of software, project management, IT support services, and information security.
In his former role at the Mayo Clinic, Kevin led the development of the medical device cybersecurity program as director of clinical information security and division chair of technology services. He also served as a security advisor for top medical device manufacturers, including Medtronic, Siemens, Varian, and Vizient.
Kevin is a member of the Underwriters Laboratory Health Sciences Council and is co-lead of the Health Sector Coordinating Council’s Joint Security Plan. He is also a member of the HIMSS Privacy and Security Committee.
In addition, Kevin has been an invited speaker at events for the Food and Drug Administration (FDA), the Radiological Society of North America (RSNA), Healthcare Information and Management Systems Society (HIMSS), Health Information Sharing and Analysis Center (H-ISAC), American Hospital Association (AHA), College of Healthcare Information Management Executives (CHIME), American Bar Association, DMD, and Gartner.
Kevin earned a master’s degree from University of Wisconsin-La Crosse in education and a Bachelor of Science in science nursing/registered nursing from Northern Illinois University.