Healthcare organizations need to take cybersecurity seriously now more than ever – more than 50.4 million patient records were breached last year.
This urgency is reflected in a recent Series B funding round closed by MedCrypt, a San Diego-based provider of cybersecurity solutions for medical devices. The startup founded in 2016. announced the $25 million round on Tuesday.
This funding round brings the company’s total fundraising to $34.4 million. It included investments from Intuitive endeavors, Johnson & Johnson Innovation, Section 32, Eniac Ventures, Anzu Partners and Dolby Family Ventures.
Medical devices are more connected than ever. In fact, nearly 70% medical devices are predicted to be connected devices by 2025, and hospitals tend to be medium 10 to 15 medical devices for each hospital bed.
Healthcare organizations have modernized their technology in the name of improving the patient and provider experience, alleviating clinical workflow inefficiencies and reducing costs. But this massive increase in connectivity between medical devices hasn’t necessarily happened with security in mind, according to MedCrypt CEO Mike Kievsky.
He said his company’s mission is to ensure that the medical devices used by clinicians and relied on by patients are as safe as possible. The startup sells its software to medical device makers so they can improve the security of their products, which range from pacemakers to CT scanners.
“MedCrypt wants medical devices built with cybersecurity at the forefront of the development process, making them ‘secure by design’ and therefore protecting users and operators from cyber threats,” Kievsky said. “Our goal is to make healthcare a safer and safer industry.”
The startup offers a range of services and products, including vulnerability management, threat modeling, security architecture reviews and FDA regulatory strategy. These offerings enable medical device manufacturers to proactively protect patient data, monitor devices for security events, and manage device vulnerabilities.
With its Series B funding, MedCrypt plans to scale its cryptography, behavioral monitoring and vulnerability management software. These products will be designed to be compatible with various types of medical devices, from small devices such as glucose monitors to surgical robots used in hospitals.
MedCrypt claims to work with “seven of the top 10 medical device manufacturers,” but Kijewski was unable to disclose those companies due to “various non-disclosure agreements/master services agreements in place.” He said MedCrypt’s customer base ranges from “startups working on new diagnostic and therapeutic devices to top 10 manufacturers looking to improve the security posture of their broad portfolio.” Kievsky declined to say how many customers the startup has.
As for MedCrypt’s competitors, Kijewski acknowledges that the field for IoT cybersecurity solutions is vast. But most companies focus on one aspect of cybersecurity and provide it across industries, he said.
“What makes us unique is our focus on healthcare and our approach to meeting the specific and unique needs of the medical device space,” said Kievsky. “We develop and deliver cybersecurity solutions to device manufacturers that do not require cybersecurity expertise to implement. The complexity of the healthcare ecosystem – ranging from traditional hospital systems to evolving home care models serving patients outside the hospital – makes traditional IoT solutions incompatible with the idea of providing safe and continuous care.”
Photo: traffic_analyzer, Getty Images