Cybersecurity for medical devices on the rise
Our expert's opinion
"As Medical Devices, such as pacemakers and insulin pumps, are starting to get «Smart» and able to send relevant data to doctors and researchers, the risk of the data leaking where it shouldn’t, is increasing. New companies, such as MedCrypt, are trying to fill this gap in the market by developping soutions to secure either the devices themselves or the network they operate on.
I can definitely see this market expanding very quickly over the next years. What do you think about this? Would you be ok to use a connected medical device now that you know it represents a risk?"
- Antoine Desprez, Associate Consultant
As concerns over medical device security rise, MedCrypt raises $5.3 million
As medical devices move to networked technologies, securing those devices becomes increasingly important.
Regulators, seemingly late to the threat that unsecured medical devices posed, only began requiring protections for medical devices like pacemakers and insulin pumps two years ago, and since then new technology companies have leapt into the breach to begin providing security services for the healthcare industry.
Most recently, MedCrypt, a graduate from the most recent batch of Y Combinator companies, raised $5.3 million in a new round of funding, from investors led by Section 32, the investment firm founded by former Google Ventures partner Bill Maris.
Joining Maris’ firm were previous investors Eniac Ventures and Y Combinator itself.
“Internet-connected medical technology is entering the market at light speed, calling for devices to be secure by design, which leads to a heightened level of patient safety at all times,” said MedCrypt chief executive Mike Kijewski in a statement.
Securing patient data has been a longtime requirement for health technology companies, but both patient records and hospital networks are dangerously vulnerable to cyberattacks.
In 2018, more than 6 million patient records in the U.S. were exposed thanks to network intrusions and cyberattacks, according to the publication Health IT Security. And those were just in the 10 largest security breaches.
The healthcare industry has only managed to achieve 72% compliance with the HIPAA Security Rule for protecting patient data, according to an April report from CynergisTek.
Investors have recognized the problem and are investing more into companies focused on the healthcare market specifically. MedCrypt’s competition for these security dollars include companies like Medigate, which raised $15 million earlier this year.
While Medigate focuses on network security, MedCrypt is focused on securing devices themselves. Both security functions are critical, according to investors.
“With regulators appropriately taking a hard look at medical device security and the sheer growth in the number of devices being added to already complex clinical networks,” there is a significant opportunity for companies tackling medical device security, according to a statement from Dr. Jonathan Root, who has led several IT-enabled healthcare investments for USVP.
Source: Tech Crunch
Other insights in Pharmaceutical Affairs
Read our insight
Working as a pharma professional at Strand: what is it like?