MedCrypt Inc., a proactive cybersecurity solutions provider for medical device manufacturers, announced its partnership with Stratigos Security, a company that specializes in penetration testing and independent security assessments. Together, they offer a suite of third-party assessment and advisory services with specialized penetration tests for medical device makers to assure the safety and effectiveness of their devices.
In March 2023, the FDA announced that beginning October 1, 2023, it will “refuse to accept” medical devices that fail to meet cybersecurity requirements, further highlighting the need for developers to design and maintain products that align with the FDA’s pre- and post-market guidance.
Conventional penetration tests are a poor fit for assessing medical device safety and effectiveness risks, according to the company’s. The MedCrypt-Stratigos partnership provides specialized penetration testing specifically designed for medical device manufacturers. These specialized tests simulate attack techniques to identify reasonably foreseeable cybersecurity issues, providing a vital source of evidence to inform risk management. The results and reports are clear, practical, and can be submitted for regulation, making it easier to bring the devices to market and reducing post-market problems, according to the companies. Mature organizations build these tests into their product development framework from the outset, continuing through the lifetime of the device.
“We are excited to team up with Stratigos,” says Mike Kijewski, CEO of MedCrypt. “It is imperative for device makers to have access to world-class testing resources. Through our partnership with Stratigos, device makers can rely on our combined expertise and insights to ensure the security and integrity of their critical medical devices.”
This partnership provides manufacturers with pertinent identification of vulnerabilities and potential risks to patient safety and data privacy, offering independent evidence to regulators and third parties through regulatory-ready pentest reports. MedCrypt’s comprehensive cybersecurity offerings satisfy the FDA’s and global regulators’ secure product development framework requirements, ensuring healthcare organizations comply with regulations and proactively approach medical device cybersecurity.
“Our team of experienced cybersecurity experts, combined with MedCrypt’s deep understanding of medical device security, enables us to deliver comprehensive and effective penetration testing and security assessments that are tailored to the unique requirements of medical devices. We are committed to helping healthcare organizations mitigate cyber risks and safeguard patient safety,” says Beau Woods, the CEO of Stratigos Security.
