MedCrypt CEO Mike Kijewski wants patients who reply on connected medical devices to know that the benefits of those devices “almost certainly” outweigh any risk of a potential cyber hack of the device.
CEO
MedCrypt
However, just because the odds of a cybercriminal plotting a villainous attack on people’s life-saving devices in extremely thin, it doesn’t mean MedCrypt isn’t prepared to protect devices from a potential attack or any other cyber issue that may arise.
“Now that we live in a world where medical devices are connected to the internet, you can imagine some type of nefarious actor, either intentionally reaching out to one of these devices and changing the way it functions, or more likely just writing general malware designed to spread out in the world that then finds its way onto a hospital’s radiology oncology system,” Kijewski said.
Concerns Lead to Investments
Protecting medical devices from malware or even an intentional ransomware attack is a growing concern for the approximately 10 to 15 million medical devices in U.S. hospitals today. An estimated 25% already are connected, and this is expected to grow to 40%.
To address the cybersecurity risks posed by the integration of connected medical devices across healthcare, both in hospitals and at home, the Food and Drug Administration (FDA) released updates to its cybersecurity guidance, which outline recommendations related to the design and maintenance of medical devices. Similarly, other international regulators have been raising the bar on cybersecurity for their respective regions.
The growing concern for medical device cybersecurity by regulators has also led to growing investment in firms like MedCrypt.
On Nov. 1, the company announced a successful $25 million Series B funding round that included strategic investments by Intuitive Ventures, Johnson & Johnson Innovation – JJDC, Inc. and participation by institutional investors Section 32, Eniac Ventures, Anzu Partners and Dolby Family Ventures. This round brings the company’s total funding to date to $34.4 million.
“We’re past the point of debating the need for improved healthcare cybersecurity and it’s exciting to see the industry putting more time and attention into addressing this issue,” Kijewski said. “We’re honored to be backed by some of the biggest venture funds in healthcare who understand and support our mission to provide proactive cybersecurity solutions that will help create a more secure future.”
‘Potential Standard-Setter’
MedCrypt will use these funds to scale the company’s cryptography, behavior monitoring, and vulnerability inventory products across various types of medical devices, from glucose monitors to hospital-based surgical robots.
Managing Director
Intuitive Ventures
“With the acceleration of complex medical device ecosystems in hospitals and homes across the United States, and growing expectations of patients, providers, and device manufacturers to meet higher standards for security protection, proactive and focused cybersecurity solutions are urgently needed,” said Oliver Keown, MD, managing director of Intuitive Ventures, the investing arm of surgical robotics pioneer, Intuitive.
“MedCrypt’s ‘secure by design’ product infrastructure will be a critical enabler – and potential standard-setter – for the healthcare industry as stakeholders seek to address the evolving risk profile today. Intuitive Ventures is pleased to provide financial and strategic support to MedCrypt at this pivotal moment as the company enters its next exciting phase of growth,” Dr. Keown added.
Attracting Top Manufacturers
The funds will also be used to expand MedCrypt’s engineering team to support the market’s exponential increase in demand for medical device cybersecurity products and services.
“We’re using this funding to, among other things, take what we’ve done for a relatively small handful of device manufacturers and hopefully apply it to all of the large players in the industry,” Kijewski said.
MedCrypt currently provides enhanced security features and services for seven of the top 10 medical device manufacturers as well as startups and mid-sized companies – a feat accomplished by spending the last five years building trust with medical device companies as they adapted to new cybersecurity regulations and proving out MedCrypt’s products, Kijewski said.
“Now here in 2022, pretty much every medical device manufacturer we’ve talked to in the last 18 months understands how important cyber security is, how it impacts patient safety and they really want to do their best.”
MedCrypt
Founded: 2016
CEO: Mike Kijewski
Headquarters: San Diego
Business: Developer of cybersecurity tools for medical devices
Funding: $$34.4 million to date
Employees: 28
Website: medcrypt.co
Notable: MedCrypt provides security features and services for seven of the top 10 medical device manufacturers.
