MedCrypt Inc., a cybersecurity solution provider for medical devices, has launched end-to-end medical device cybersecurity consulting services, designed to help customers improve product security, achieve regulatory compliance, and generate overall positive business return on investment. These services cover a range of topics, including business strategy, product architecture assessments, process reengineering, change management, threat modeling, and regulatory strategy.

“Healthcare cybersecurity is in a transformational phase,” says Mike Kijewski, CEO of MedCrypt. “Without fail, every medical device manufacturer is looking to overhaul a part of its product security program in some way. With support from MedCrypt, our clients can now tackle security transformation projects without compromising their ability to deliver innovative clinical features and patient care.” 

According to MedCrypt, the U.S. medical device market is projected to grow to $208 billion (33%) by 2023. The company notes that today’s medical device manufacturers (MDM) are developing products designed to take full advantage of the advent of connected communications, but the features of connected technology also inherently bring security risks to the business.

Since the disclosure of the EternalBlue vulnerability led to the WannaCry malware events in 2017, there has been an increase in the reporting of high-profile, highly pervasive vulnerabilities, according to the company. MedCrypt will work alongside MDMs to mature their product security programs and to help them meet the U.S. FDA’s premarket and postmarket cybersecurity guidances.

“The healthcare industry continues to be a landscape full of amazing potential for better patient care; however, the advancement of technology is dependent foundationally on security,” says Michael McNeil, senior vice president, global CISO at McKesson, who joined MedCrypt’s board of directors in 2020. “This requires changes to people, processes, and tech with a clear strategy for implementation.”