MedCrypt Announces Suite of Consulting Services for Improved Medical Device Cybersecurity

MedCrypt is the first firm to combine cybersecurity with management consulting, decision science, and regulatory strategy, 100% focused on supporting the medical device manufacturers
Published: Oct. 19, 2021 at 11:00 AM EDT

SAN DIEGO, Calif., Oct. 19, 2021 /PRNewswire/ -- MedCrypt, Inc., the proactive cybersecurity solution provider for medical devices, today announced the launch of its end-to-end medical device cybersecurity consulting services. From business strategy to product architecture assessments, process reengineering to change management, threat modeling to regulatory strategy, MedCrypt now offers a suite of services to help customers improve product security, achieve regulatory compliance, and generate overall positive business ROI.

A mature Secure Software Development Lifecycle program requires consideration and consistent...
A mature Secure Software Development Lifecycle program requires consideration and consistent management from premarket through postmarket.

"Healthcare cybersecurity is in a transformational phase. Without fail, every medical device manufacturer is looking to overhaul a part of its product security program in some way," said Mike Kijewski, CEO of MedCrypt. "With support from MedCrypt, our clients can now tackle security transformation projects without compromising their ability to deliver innovative clinical features and patient care."

The U.S. medical device market, the largest worldwide, is projected to grow to $208 billion (33%) by 2023. In today's market, medical device manufacturers (MDM) are developing innovative medical devices designed to take full advantage of the advent of connected communications, but the features of connected technology also inherently bring security risks to the business. Since the disclosure of the EternalBlue vulnerability led to the WannaCry malware events in 2017, there has been an increase in the reporting of high-profile, highly pervasive vulnerabilities. Names like Ripple20, Urgent/11, or Amnesia:33 have made the headlines and have sent device manufacturers and healthcare providers scrambling to determine which of their devices are at risk. To proactively address security requirements, MDMs have to transform, then optimize their business and regulatory strategies, and secure development lifecycle (SDLC) processes.

MedCrypt will work alongside MDMs to mature their product security programs and to help them meet the U.S. Food and Drug Administration's (FDA) Premarket and Postmarket Cybersecurity Guidances. Specifically, MedCrypt offers consulting services using industry best practices and standards: Organizational Maturity Assessment (e.g., JSP+), Strategy, and Roadmaps; Threat Modeling (e.g., OWASP+); Security Risk Assessment (e.g., AAMI TIR57+) and Postmarket Management (e.g., AAMI TIR97); Secure Architecture Reviews (e.g., NIST 800-160v1+); Design and Implement Security Controls (e.g., Management, Operational, Technical; Security Process Improvement (e.g., standardize SBOM generation, vulnerability dispositioning); Regulatory Process Improvement (e.g., standardized cybersecurity templates); Retainer and coaching services to support ongoing projects, products, or submissions.

"The healthcare industry continues to be a landscape full of amazing potential for better patient care; however, the advancement of technology is dependent foundationally on security. This requires changes to people, processes, and tech with a clear strategy for implementation," said Michael McNeil, senior vice president, global CISO at McKesson, who joined MedCrypt's board of directors in 2020.

For more information on MedCrypt's suite of services, please visit

About MedCrypt
MedCrypt is a San Diego-based company that provides proactive security for healthcare technology. MedCrypt's platform brings core cybersecurity features to medical devices with just a few lines of code, ensuring devices are secure by design. MedCrypt has raised a total of $9.4 million in funding with participation from Eniac Ventures, Section 32, Y Combinator, and more. The company is based in San Diego, California. For more, please visit

Contact: BAM for MedCrypt
Jenny Bourne


View original content to download multimedia:


The above press release was provided courtesy of PRNewswire. The views, opinions and statements in the press release are not endorsed by Gray Media Group nor do they necessarily state or reflect those of Gray Media Group, Inc.