Medical device security startup rakes in $25 million as cyber threats escalate


Healthcare organizations need to take cybersecurity seriously now more than ever — more than 50.4 million patient records were hacked last year.

This urgency is reflected in a recent Series B funding round closed by MedCrypt, a San Diego-based provider of cybersecurity solutions for medical devices. The startup, founded in 2016, announcement the $25 million round on Tuesday.

This round of financing brings the company’s total fundraising to $34.4 million. It included investments of Intuitive businesses, Johnson & Johnson innovation, Section 32, Eniac Ventures, Anzu Partners and Dolby family businesses.

Medical devices are more connected than ever. In reality, nearly 70% of medical devices are expected to be connected devices by 2025, and hospitals are generally on average 10 to 15 medical devices for each patient bed.

Healthcare organizations have modernized their technology in the name of improving the patient and provider experience, mitigating clinical workflow inefficiencies and reducing costs. But this massive increase in connectivity between medical devices hasn’t necessarily happened for the sake of safety, according to MedCrypt CEO Mike Kijewski.

He said his company’s mission is to ensure that the medical devices clinicians use and patients rely on are as safe as possible. The startup sells its software to medical device makers so they can improve the safety of their products, which range from pacemakers to CT scanners.

“MedCrypt wants medical devices built with cybersecurity to be at the forefront of the development process, making them ‘secure by design’ and thereby protecting users and operators from cyber threats,” Kijewski said. “Our goal is to make healthcare a safer and more secure industry.”

The startup offers a range of services and products, including vulnerability management, threat modeling, security architecture reviews, and FDA regulatory strategy. These offerings enable medical device manufacturers to proactively protect patient data, monitor devices for security events, and manage device vulnerabilities.

With its Series B funds, MedCrypt plans to scale its software for cryptography, behavior monitoring, and vulnerability management. These products will be designed to be compatible with various types of medical devices, from small devices like glucometers to surgical robots used in hospitals.

MedCrypt claims to work with “seven of the top 10 medical device manufacturers”, but Kijewski was unable to disclose these companies due to “a variety of non-disclosure agreements/master service agreements in place”. . He said MedCrypt’s customer base ranges from “start-up companies working on new diagnostic and therapeutic devices to top 10 manufacturers aiming to improve the security of their vast portfolio.” Kijewski declined to share the startup’s customer count.

As for MedCrypt’s competitors, Kijewski acknowledged that the field of Internet of Things cybersecurity solutions is huge. But most companies focus on just one facet of cybersecurity and deliver it across a variety of industries, he said.

“What makes us unique is our focus on healthcare and our approach to meeting the specific and unique needs of the medical device space,” said Kijewski. “We develop and provide cybersecurity solutions to device manufacturers that do not require cybersecurity expertise to implement them. The complexity of the healthcare ecosystem – ranging from traditional hospital systems to evolving models of home care serving patients outside of the hospital – makes traditional IoT solutions incompatible with the notion of providing safe and continuous care.

Photo: traffic_analyzer, Getty Images


About Author

Comments are closed.