After 1 Oct 2023, Following this date, the FDA will refuse to accept medical devices that fail to meet cybersecurity obligations. Credit: Ar_TH/Shutterstock.

US-based medical device cybersecurity company MedCrypt has partnered with Stratigos Security to provide security assessments and penetration testing offering a suite of third-party assessment and advisory services.

MedCrypt provides security products and services to some of the biggest medical device manufacturers.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

Its latest partnership with Stratigos Security will deliver specialised penetration testing, which will simulate an attack allowing issues and weak points to be identified in a device. The results will allow manufacturers to amend their risk management, they can also be submitted for regulation streamlining the product’s journey to market.

In March 2023, the US Food and Drug Administration (FDA) announced its plans for pre-market and post-market guidance, which will come into effect on 1 October 2023. Following this date, the FDA will refuse to accept medical devices that fail to meet cybersecurity obligations.

A study by Ponemon Institute revealed that around 49% of device makers do not follow guidance from the FDA, to mitigate or reduce inherent security risks. There currently has been a rise in product development to meet those requirements.

See Also:

Stratigos Security CEO Beau Woods said: “Our team of experienced cybersecurity experts, combined with MedCrypt’s deep understanding of medical device security, enables us to deliver comprehensive and effective penetration testing and security assessments that are tailored to the unique requirements of medical devices. We are committed to helping healthcare organisations mitigate cyber risks and safeguard patient safety.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Traditional testing is less effective for medical devices but with personalised penetration tests post-market issues and threats can be reduced. Well-established companies incorporate these tests into their products’ development framework from the beginning and will continue through the device’s lifetime.

In April 2023, MedCrypt announced it will be financing the School of Engineering for the Tufts University fellowship programme, supporting research on the investigation of medical device security and threat modelling.

More than half (53%) of connected medical and other Internet of Things (IoT) devices in hospitals have a known critical vulnerability.