Medical device software security company MedCrypt, which is building, “security as a service” for connected device companies, has raised $750,000 in seed financing in a round led by Safeguard Science and angel investors. The company will use the funds to conduct commercial pilots with medical device vendors.
MedCrypt’s technology looks out for security weaknesses that arise from a combination of increasingly sophisticated cyber attacks and antiquated IT environments at health systems, as well as connected devices. The company seeks to protect health systems’ IT from unauthorized access through medical data, and is compatible with a wide range of devices, including defibrillators and MRI machines.
“The increased use of, and dependency on, connected devices at hospitals and health systems has revealed security risks and vulnerabilities, consequently putting patient safety at risk,” MedCrypt’s CEO and Cofounder Mike Kijewski said in a statement. “While it’s distressing to think about a hacker remotely disabling a medical device, it’s far more unnerving to consider a hacker silently talking over a device and sending it malicious instructions, resulting in patient’s injury or even death.”
To avoid such a catastrophe, MedCrypt allows manufacturers to authenticate users, encrypt data and cryptographically sign settings and patient prescriptions. It can monitor transactions between clinicians and devices, designed to ensure that “only trusted instructions from a trusted source are executed by the medical device,” according to Kijewski.
The system, which has been in development since 2014, uses machine-learning behavior analysis system to immediately flag unusual user behavior, as we well as a “Threat Sharing” feature designed to facilitate anonymous communication between multiple medical device vendors. As MedCrypt is deployed across multiple medical devices, the Threat Sharing feature will allow a vendor to know what activity security threats are targeting other devices without having to share specific vulnerabilities.
Dr. Gary Kurtzman, who is chairman of the board at MedCrypt and managing director of Safeguard, said device manufacturers, health systems and patients can all benefit from MedCrypt’s proprietary software.
"Behind this company are a proven team and a technology with the potential to disrupt the way device manufacturers design products for the healthcare industry,” Kurtzman said in a statement. “Battling cyber threats begins at the design phase, and technology like this complements our efforts to holistically improve healthcare delivery."