Healthcare cybersecurity provider CyberMDX has raised $10 million in Series A funding.
The round was led by Pitango Venture Capital, with participation from OurCrowd Qure. The company previously received seed funding from Firstminute Capital, though the exact amount was not disclosed.
Cybersecurity for medical devices is an absolute necessity in order to enable hospitals to focus on their main and most important mission – treating and saving human lives.
– Amir Magner, CEO, CyberMDX
The company offers services based around visibility and threat prevention in the healthcare sector.
“The expedited growth of connected medical devices poses exceptional challenges for hospital network security. Connected devices have become an integral part of hospitals’ IT networks, yet they are not monitored and remain unprotected. Recent massive cyber-attacks such as OrangeWorm, NotPetya and WannaCry illustrate the challenges and high-risk exposure for hospitals,” said Amir Magner, CEO at CyberMDX. “We passionately believe in the significance of our work, addressing the arising threat for healthcare provider networks. Cybersecurity for medical devices is an absolute necessity in order to enable hospitals to focus on their main and most important mission – treating and saving human lives.”
CyberMDX was founded in 2017 by Amir Magner, the former head of the Cyber Division at the Israeli Prime Minister’s Office, and entrepreneur Moti Shniberg. Their team consists of fellow Israeli Intelligence cyber unit veterans, medical device experts, and AI academic leaders with focus on healthcare.
The number of IoT-connected medical devices is vast and continues to grow, but many use legacy systems, and cybersecurity is rarely a priority in the design of connected medical devices.
“CyberMDX’s solution is well timed with the rapidly increasing threats hospitals face today. Existing security and IoT solutions are not enough to protect the dynamic healthcare cyber threat landscape,” said Rami Kalish, co-founder and Managing General Partner at Pitango, and a member of the Forescout board. “We believe the market will continue to see a shift towards specialized cybersecurity solutions that address hospitals’ unique needs. CyberMDX delivers a powerful solution for the industry, and we are excited to collaborate with and support them as they continue to grow the company.”
CyberMDX sheds light on security blind spots in the healthcare management landscape that security professionals otherwise struggle with.
– Joey Johnson, CISO, Premise Health
Recent research found that 60% of NHS trusts, for example, are still using Windows XP, support for which (including security updates) ended in 2014. According to a spokesperson, this is in many case due to legacy issues and the difficulty of upgrading expensive hardware such as MRI scanners.
Of the medical devices which can be patched to fix bugs and vulnerabilities, in cases where they are not running on a standard OS this relies on those patches being released by the provider. And once they are, patching hygiene in healthcare is – well – patchy. Because of the potential risks and downtime involved in installing patches, scheduling updates is a challenge.
But the potential fallout of a cyberattack is a far worse risk. As well as the risk of highly sensitive personal information being leaked as the result of a breach, cyberattacks in the healthcare sector have the potential to render equipment inoperative, potentially costing patients their lives.
We saw an example (fortunately with no fatalities) of the chaos that could result during the WannaCry attack, which affected at least 80 NHS trusts across England, leaving several hospitals unable to accept emergency patients. A further 603 primary care and other NHS organisations were also infected, including 595 GP practices.
CyberMDX addresses threats that have plagued medical systems and often cause significant damage and cost – not to mention negative revenue impact.
– Lane Bess, board member, CyberMDX; former CEO, Palo Alto Networks
CyberMDX aims to address this issue by offering a non-intrusive solution which provides visibility and risk management, along with threat prevention and detection functionality for IoT-connected medical equipment.
“CyberMDX sheds light on security blind spots in the healthcare management landscape that security professionals otherwise struggle with,” said Joey Johnson, Premise Health CISO and a member of CyberMDX’s advisory board. “The solution automatically lets users know what medical devices are on the network, what they’re connecting to, and what the risk level is for each connected asset. This not only helps protect the hospital network, but also helps them save time and money with a friction-free solution.”
The company’s MDefend platform uses artificial intelligence to provide more comprehensive and efficient visibility into the labyrinthine infrastructure of medical technology than a team of human analysts may be capable of.
“CyberMDX’s approach to medical device cybersecurity is unique,” said Lane Bess, former Palo Alto Networks CEO and a member of CyberMDX’s strategic advisory board. “Bringing together a deep understanding of cybersecurity, medical devices and Artificial Intelligence, CyberMDX addresses threats that have plagued medical systems and often cause significant damage and cost – not to mention negative revenue impact. I am highly impressed about the progress and the company’s ability to close security gaps across connected medical devices.”
