MedCrypt: Bringing Cybersecurity to Medical Devices

Providing medical device manufacturers with advanced protection from cybersecurity threats

Hospital devices
Published on


3 min

Healthcare organizations have become frequent targets for hackers. However, unlike typical cybersecurity attacks that promote the theft of data or finances, the threat in healthcare is more dangerous as complications such as data encryption and ambulance diversions impact patient safety. In addition, hackers can target medical devices (such as pacemakers or surgical robots), causing them to malfunction and potentially endanger patients’ lives.

Alumni Ventures portfolio company MedCrypt has developed a security platform that provides medical device manufacturers with advanced protection from cybersecurity threats. The company’s software helps prevent unauthorized access or misuse of an enterprise’s medical devices by authenticating users, encrypting data, and monitoring malicious behavior.

Addressing a Uniquely Vulnerable Market

Medical devices have evolved from disconnected and isolated products to fully networked equipment with bi-directional communications, remote access, wireless connectivity, and sophisticated software. With the number of connected devices rapidly increasing, critical equipment such as insulin pumps and glucose monitors are vulnerable to security breaches by hackers. 

Unlike traditional computing equipment, medical appliances need a more tailored cybersecurity approach as they boast unique characteristics, such as being used in various networks outside hospital walls. The consequences of hacking are also potentially life-threatening, as a compromised pacemaker or surgical robot poses a severe risk to patients.

MedCrypt’s suite of security tools helps device manufacturers build products that are secure by design and protected from new threats. The company’s solutions identify vulnerabilities, monitor field performance, and ensure the safe transmission of data to and from the device.

The company operates a SaaS model, charging its customers an annual fee per device secured. The price depends on the number of devices shipped and the risk associated with each device. MedCrypt currently has a number of paying customers, including seven of the top 10 medical device manufacturers.

What We Liked About MedCrypt

Leading the Industry Need: MedCrypt is one of the first and only startups offering tailored security solutions for the medical devices industry functioning at the device level, which would protect patients in their homes and outside of hospital networks. In addition, the company’s AI and ML insights become more robust as the data collected increases through time and additional clients, further separating MedCrypt from competitors.

Tailwinds in a Large and Growing Market: With the increase in cyberattacks on medical facilities, the FDA is expected to establish regulations in the future. MedCrypt has prepared for these regulations by recruiting a former FDA medical device officer to lead its regulatory strategy.

Experienced Team: The MedCrypt team has decades of medical device and cybersecurity experience from Symantec, Siemens, GE Healthcare, and the FDA. The company’s CEO, Mike Kijewski, is a Penn alum and previously co-founded and sold medical device software startup Gamma Basics.

How We Are Involved

Chestnut Street Ventures (for the Penn community) sponsored Alumni Ventures investment in MedCrypt’s $25 million Series B alongside sibling funds Nassau Street Ventures (for the Princeton community) and 116 Street Ventures (for the Columbia community). Other investors in the round included Intuitive Ventures, Johnson & Johnson Innovation, and institutional investors Section 32, Eniac Ventures, Anzu Partners, and Dolby Family Ventures.

Want to learn more?
View all our available funds and secure data rooms, or schedule an intro call.

New to AV?
Sign up and access exclusive venture content.

Contact [email protected] for additional information. To see additional risk factors and investment considerations, visit