The Internet of Things in the healthcare sector is booming. A typical hospital has hundreds of connected devices, from implantables, wearables, monitors, workflow and imaging to patient data systems. But while these devices are helping healthcare providers automate workflows and reduce the risk of error, common security vulnerabilities found in these devices are also endangering patients.<\/p>\n
The FBI warned in September<\/a> that more than half of connected medical devices in hospitals had known critical security vulnerabilities, and these flaws are leading to a surge in attacks on the healthcare industry.<\/p>\n This uptick in vulnerabilities has also led to increased regulation. After COVID-fueled delays, the U.S. Food and Drug Administration this year released updates to its premarket cybersecurity guidance<\/a>and postmarket cybersecurity guidance<\/a>, outlining recommendations related to the design and maintenance of medical devices.<\/p>\n MedCrypt is a Y Combinator graduate-that\u00a0provides software for anything the FDA would consider a medical device where cybersecurity could be a concern, from insulin pumps and heart rate monitors to AI-based radiology tools and autonomous robots. These devices all suffer from three common problems, Kijewski tells TechCrunch: outdated software, user authentication and a lack of good cryptography.<\/p>\n \u201cHistorically, healthcare companies would assume that, well, if my device is running inside a hospital, we can trust the people inside the hospital, and if a bad guy gets into the hospital, then that\u2019s not our problem,\u201d said Kijewski. \u201cSo they would use the same username and password for every device that gets shipped out there.\u201d<\/p>\n MedCrypt this week announced that it had raised $25 million in Series B funding, led by Intuitive Ventures and Johnson & Johnson Innovation, to help device manufacturers meet these FDA requirements in order to get critical devices to market faster. The investment comes three years after it raised $5.3 million in Series A funding, a gap which the startup says was caused by the uncertainty created by the COVID-19 pandemic.<\/p>\n