Cynerio CEO and co-founder Leon Lerman (left) and CTO and co-founder Daniel Brodie (right)
Cynerio, an Israeli-based cybersecurity startup that specializes in securing connected medical devices, announced this week that it has raised $30 million in Series B funding.
The funding round was led by the ALIVE Israel HealthTech Fund and previous investors Accelmed, RDC and MTIP. According to a statement from the company, an unnamed investment group based in the United Arab Emirates will also be contributing to the funding.
“With the additional backing of ALIVE and their expertise in the US healthcare system, we’ll be able to continue advancing our product offerings to support healthcare providers, with unparalleled threat detection, preemptive security, and response capabilities, while alleviating healthcare’s coinciding operational challenges,” CEO and co-founder Leon Lerman said in a statement.
Cynerio makes a suite of healthcare-related security products, including an AI-driven platform that provides inventory and asset management services, helps optimize resource allocation, tracks asset utilization and other services that help hospitals and healthcare organizations protect their connected medical devices. According to the company, every device is both tracked in real time and users are provided information on the make, model and manufacturer, operating system, firmware, serial number and MAC address, and even outline known vulnerabilities that affect it.
While IoT security has been a major concern in the cybersecurity industry for years, digital threats against medical devices carry some of the most worrying potential for damage against healthcare organizations and their patients.
According to a study by Palo Alto Networks’ Unit 42 last year, 83% of medical imaging devices run on unsupported operating systems. The vulnerabilities within accounted for just over half (51%) of all total threats facing healthcare organizations in 2020, though the numbers might look different today after a year of unrelenting attacks from ransomware actors.
While many IoT devices lack the sophistication or interface to make a ransomware attack practical, officials at the Cybersecurity and Infrastructure Security Agency have said in the past that there is some concern that many connected medical devices have both the interface and poor security to be vulnerable to such attacks.
IT and IoT assets in healthcare are routinely interconnected, with 72% of healthcare virtual local area networks mixing both in a way that could allow an infection to spread from a computer to a connected medical device on the same network.
Organizations like SAFE Identity, an industry consortium and certification body, formed an Internet of Medical Things working group earlier this year to establish new industry standards and guidance for manufacturers of connected medical devices and build in better, more secure credentials into future devices at the front end.