Medigate, a medical technology cybersecurity firm, announced on January 29 that it has received $15m in Series A funding, which it plans to use to expand its team across sales, R&D, marketing, and customer services in order to accelerate growth.

Medigate develops and provides a cybersecurity platform service that is capable of uniquely identifying every medical device attached to a clinical network in order to track expected device behaviour and to help prevent unauthorised access to networked devices. This funding is announced as medical device manufacturers, healthcare providers, and governments around the world are both recognising current inadequacies in healthcare cybersecurity and steadily shifting towards new paradigms of increased cybersecurity and patient privacy protections.

As technology continues to advance, it has become clear that healthcare systems and devices around the world are becoming increasingly digitised and interconnected through the Internet of Things (IoT). For instance, the Australian government is in the process of creating a digital health record on a platform known as My Health Record for every citizen that does not opt out by January 31. Despite the potential benefits of this record, opponents of the move cite concerns over inadequate cybersecurity and insufficient patient data privacy protections.

Cybersecurity and data protection increasingly prioritised

The Australian Digital Health Agency (ADHA) revealed in its annual report that during 2017–2018, My Health Record suffered 42 data breaches. The Japanese government has recently passed a law amendment that grants the government the ability to hack into unsecured connected devices to perform a national survey. This survey on cybersecurity vulnerabilities is to better prepare Japan against cyber threats in the lead up to their hosting of the 2020 Summer Olympic Games.

It will be interesting to see if Japan or other governments adopt this active approach in determining the level of threat that exists domestically in their healthcare sectors in order to bolster their cybersecurity capabilities. Another example of the shift towards prioritising cybersecurity in the healthcare sector is the January 28 release of the Medical Device and Health Information Technology (IT) Joint Security Plan, an initiative to strengthen cybersecurity priorities between healthcare providers and medical device manufacturers, published by the Healthcare and Public Health Sector Coordinating Council (HSCC).

Cybersecurity for medical devices: patient data

Cybersecurity and patient data protections are now highly prioritised elements of global healthcare sectors and are likely to continue to grow. Entities operating in the healthcare sector are realising that cybersecurity and data protection are not something they can realistically tackle on an individual level, leading to a growing trend of priority alignment and cooperation between governments, manufacturers, and healthcare providers. As this trend continues, vulnerabilities in healthcare devices and networks will decline, and malicious attempts to access these networks will have to become increasingly sophisticated in order to succeed.