MedCrypt Acquires MedISAO, Becoming the Only Healthcare Cybersecurity Company Proactively Addressing FDA Premarket and Postmarket Guidances

Healthcare Cybersecurity

MedISAO provides information sharing and SBoM tools; acquisition establishes the implementation standard for medical device security

MedCrypt Inc., the leading provider of proactive security solutions for the healthcare space, today announced the acquisition of MedISAO, a cybersecurity information sharing organization dedicated to supporting the medical device industry. MedCrypt is now offering MedISAO’s information sharing analysis network for small and midsize business (SMB), as well as its Cyber Protek Software Bill of Materials (SBoM) and dependency vulnerability management tool, alongside MedCrypt’s flagship software solutions. MedISAO’s founder, Daniel Beard, will also join the MedCrypt team in integrating and expanding the platforms.

“It can take anywhere from six months to a year for a new medical device to get its 510(k) clearance from the FDA,” says Mike Kijewski, MedCrypt CEO. “Our goal is to help device manufacturers meet the requirements from the FDA’s premarket and postmarket cybersecurity guidances, and MedISAO’s information sharing organization and Software Bill of Materials tool helps us do just that. Together, we’re helping manufacturers bring critical medical devices to market more quickly, reliably, and safely.”

Read More: What’s Next in Cybersecurity?

In its postmarket cybersecurity guidance, the FDA encourages medical device manufacturers to participate in a vulnerability sharing organization. MedISAO is currently one of only three information sharing and analysis organizations that was created to meet this recommendation from the FDA. MedISAO and MedCrypt see this as an opportunity to advance the state of medical cybersecurity and look forward to continued collaboration with industry partners, like the Health Information Sharing & Analysis Center (H-ISAC).

“I initially created MedISAO to help fill the information sharing gap among smaller medical device manufacturers that were just getting started with cybersecurity. As demand for our platform grew, we realized our customers were in need of a Software Bill of Materials tool as well, so we created Cyber Protek,” said Daniel Beard, Founder of MedISAO. “Joining MedCrypt will help both companies’ customers to expedite, manage, and demonstrate cybersecurity compliance, increasing security and decreasing the time it takes for life saving devices to market. I’m thrilled to join the innovative team at MedCrypt.”

MedISAO members receive weekly vulnerability advisories, coordinated vulnerability disclosure forms, and access to a vulnerability database with custom filters. Members who purchase Cyber Protek gain access to an SBoM generation tool, can analyze for vulnerabilities that affect their device, and benefit from a medical device management platform.

Read More: Patient Data in the Cloud Prompts Security and Privacy Concerns

MedCrypt’s medical device cybersecurity software tools and APIs make it more efficient, easier, and less expensive for medical device manufacturers to build safe and secure medical devices. MedCrypt’s cybersecurity platform can be implemented in full or with a modular approach to proactively secure both legacy and new medical devices efficiently and effectively.