Medcrypt is the first company to combine cybersecurity technology products with management consulting, decision science, and regulatory strategy. We are a team of medical device experts who are laser-focused on supporting MDMs and bringing cybersecurity to the next generation of healthcare technology.
Medcrypt helps healthcare technology companies ensure medical devices are secure by design. We provide cybersecurity products and strategic consulting to expedite the go-to-market process of medical device manufacturers' new life-saving connected technologies.
Medcrypt’s aim, from inception, has been to solve new and growing cybersecurity concerns that plague the medical device manufacturing sector. We aim to enable medical device manufacturers to bring innovative clinical technology to market that is secure by design
FDA issued pre-market cybersecurity recommendations, focusing on identify, protect, detect, respond and recover principles.
Medcrypt founded
We started Medcrypt in 2016 to ensure that the medical devices we and our loved ones rely on were as safe and secure as technologically possible.
FDA issued the NIST-centric post-market guidance, with particular emphasis on addressing vulnerabilities that may result in patient harm.
Given the rapidly evolving landscape, FDA issued an updated draft guidance with recommendations for device design, labeling and documentation.
Series A
As a Y Combinator graduate (Winter ‘19), we raised a Series A led by Section 32, with participation from Eniac Ventures and Y Combinator.
FDA updates premarket cybersecurity guidance
The eSTAR (electronic submission template and resource) program will enforce the refuse to accept policy, positioning product cybersecurity as a business imperative.
Series B
This round included participation from Intuitive Ventures,Johnson & Johnson Innovation, and Dexcom Ventures, bringing funding to date to $36.4M
FDA updates premarket cybersecurity guidance
The eSTAR (electronic submission template and resource) program will enforce the refuse to accept policy, positioning product cybersecurity as a business imperative.
Medcrypt is obsessed with medical device cybersecurity, and that's reflected by the team we have put together.
New technology comes with both risks and rewards. Our team is motivated by our purpose to improve health, and our mission of impact at scale. As a high-performing team with big ambitions, we expect a lot of ourselves and of our customers.
When working with our internal teammates and external partners, we commit to:
The best innovations come from diverse teams. Medcrypters have a wide range of perspectives and experiences and we deeply respect the knowledge, skills, ideas, and capabilities each employee brings.
We earn the trust of our partners by providing realistic, practical, and evidence-based cybersecurity solutions and counsel. There is not always an easy answer and we value honesty above all else.
We strive to offer a “customer-first” approach. Our success is contingent upon partnership with medical device manufacturers to bring new healthcare technology to market.
We provide evidence-based risk assessments and practical recommendations tailored to the development stage of our partners’ devices, thus ensuring progress towards our shared goal — bringing innovative medical devices to market at scale.
Our cybersecurity experts are deeply ingrained in the healthcare industry because regulatory constraints require a healthcare-first approach, meaning clinical functionality, patient safety, and care delivery are always the highest priority.
We know medical device security is a challenging problem. We are working hard to take on big challenges, but know that solving this problem is an incremental process. The steps we are taking will create the future of medical devices.
Here at Medcrypt, we’re firmly committed to hiring, supporting, and growing new Medcrypters from all backgrounds to create a more equitable and inclusive workplace for everyone, and it shows in how we have grown our team and nurtured our culture.
We know that a more diverse and inclusive workforce facilitates better decision-making and increased innovation, leading to improved employee satisfaction, engagement and retention. In addition to the awesome culture we’ve created at Medcrypt, we’re in the process of formulating our next step towards strengthening our commitment to DEIB (Diversity, Equality, Inclusion, and Belonging). If you’re excited about what Medcrypt offers, want to help build the future of medical device cybersecurity, and would love to get involved in DEIB, let us know!
From patients to providers to our people, we are actively working to protect the delivery of care for all by taking the steps to help build a system of verifiable trust. We are innovators, committed to creating and holding space for unique perspectives, and we believe that diverse minds and lived experiences are the key to sparking innovation.
As an organization, we vehemently stand against racism, sexism, ageism, ableism, religious intolerance, transphobia, homophobia, and all forms of oppression through not only what we say, but what we do and how we do it. Medcrypt encourages a culture of inclusion and belonging, and empowers everyone to show up authentically, ask questions, and raise issues without fear. Creating this psychological safety in our organization drives us to grow together as a community.
We hold our Diversity, Equity, Inclusion, and Belonging commitment at the forefront of our actions from our transparent hiring practices, to our people-first way of working, and the way we embrace each other’s differences.
We welcome the challenges ahead and remain accountable by developing initiatives which bring awareness to inequities, cultural sensitivity, and the importance of standing with integrity.
We’ve partnered with Kansas State University to finance development of a customizable and scalable platform that integrates qualitative and quantitative metrics to provide actionable and prioritized recommendations to address current and future technological, regulatory, and business risks.
These findings will be disseminated to provide a foundation that others can build on, and Medcrypt will integrate this research into our cybersecurity solutions, helping medical device manufacturers reduce cybersecurity risks and meet regulatory requirements, ensuring that they’re focusing on fixing the most exploitable cybersecurity issues that have the biggest impact on patient and operator safety, which leads to increased trust between healthcare providers, patients, and the technology we all rely on.
We’ve also financed a fellowship with Tufts University to focus on medical device security and threat modeling. Although threat modeling is an essential component of the Secure Product Development Framework (SPDF) and processes and has been shown by the Food and Drug Administration (FDA) and Cybersecurity and Infrastructure Agency (CISA) to result in more secure devices, 49% of device makers do not follow guidance to mitigate or reduce security risks.
This research will focus on identifying common gaps in device threat models and support the development of new guidance and tools to help medical device manufacturers ensure that their devices are secure, working towards the goal of reliable, repeatable, and effective threat modeling.
Medcrypt is not only building solutions and services that meet the needs of medical device manufacturers today, we’re supporting the research initiatives our esteemed colleagues in academia are working on in the medical device space.
As proactive healthcare cybersecurity continues to grow in importance, buyers, patients and media are taking note of Medcrypt’s innovations and impact.
Get the latest healthcare cybersecurity news right in your inbox.
We'll never spam you or sell your information