YL Ventures has a long history of bringing smart Israeli cybersecurity companies to market. The Silicon Valley-based, but Israeli-conceived venture capital firm has a long string of successes, including Hexadite (sold to Microsoft), FireLayers (sold to Proofpoint), BlazeMeter (sold to CA), Twistlock (Docker security platform) and Karamba Security (automotive cybersecurity platform). Currently investing out of its $75 million third fund, YL Ventures accelerates the evolution of portfolio companies via strategic advice and Silicon Valley-based operational execution.

The Karamba investment, in particular, indicated a move out of core IT security and into vertically-specific areas. That strategy is being continues with the announcement today of the launch of Medigate, a security startup focusing on connected medical devices. YL has invested $5.35 Million in the company and will no doubt be applying its unique brand of acceleration to the Medigate proposition

Medigate’s reason for being

Anyone who has visited a hospital or other healthcare facility of late will know that the number of connected devices being used in healthcare is skyrocketing. There are an estimated 100 million connected medical devices and predictions suggest this number will double in the next couple of years. And while these devices are delivering innovative, economical and often lifesaving treatment to patients, nefarious parties see them as an attractive option.

Indeed, according to the Ponemon Institute, more than 90 percent of healthcare providers suffered at least one data breach in the last two years.  Medical devices are already a target, as seen in attacks such as MEDJACK that started in 2015 and continues today. Existing and pending patient privacy and medical device regulations and FDA guidance raise the stakes even more. According to Gartner Research analysts, the possibility of cybersecurity threats intensifies exponentially as more medical devices utilize embedded software and firmware components and are connected to the internet, to healthcare networks and to other connected medical devices in a peer-to-peer fashion.

Which is where Medigate comes in. The solution is a dedicated platform for securing networked medical devices that are connected to electronic medical records, device servers, other enterprise systems and the internet. Medigate combines domain knowledge about medical workflows and protocols, with more general cybersecurity smarts. The result is visibility into all medical devices connected to the network and insights into cyber attacks. Yoav Leitersdorf, the brains behind YL Ventures, justifies having a specific medical cybersecurity offering when he says that:

Connected medical devices – from patient monitors, MRIs and CAT scanners to infusion pumps and yet-to-be invented devices — are critical to the delivery of healthcare today and are revolutionizing the care of tomorrow. These devices are inherently different from traditional IT endpoints and can’t be protected by currently available products and practices. With the pandemic of cyberattacks targeting healthcare providers, this leaves far too many connected devices vulnerable and exposed, putting patient health and privacy at risk. Providers simply can’t afford to leave this problem undiagnosed and untreated much longer.

The current medical cybersecurity landscape

Currently, organizations depend on existing cybersecurity products, such as general-purpose firewalls, as well as current IT best practices, to secure connected medical devices.  However, as Medigate sees it, because medical devices are different from other IT devices, these approaches fall short in effectiveness.  Medical devices can’t be patched, updated online or actively managed with endpoint security software products. Existing firewalls fail to understand how these devices work and communicate, leaving them vulnerable to attacks over both typical network protocols and unique medical device protocols. And while device manufacturers will continue to deliver more secure devices, today’s secure device often becomes tomorrow’s risk when targeted by creative and determined attackers.

According to a Forrester report authored by Senior Analyst Chris Sherman:

You have less control over connected medical devices than any other aspect of your technology environment. Many times, vendors control patch and update cycles and vulnerabilities persist that require segmentation from your network. Considering that many of these devices are in direct contact with patients, this is a major cause for concern.

And some names in high places seem to agree with this need for a specific medical solution. Says Heath Renfrow, U.S. Army Medicine CISO:

Because it is not possible to effectively deploy endpoint security solutions and regular security patches to these devices, they significantly increase the exposure in my organization’s overall risk posture. A product like Medigate would add a much necessary layer of defense, significantly reducing the risk of medical device vulnerabilities to my networks.”

MyPOV

I buy Medigate’s assertion that a vertically-specific platform is a good idea for medical devices. That, backed up by the fact that YL seems to have an uncanny knack for picking winners, makes this an interesting proposition.

Ben Kepes

Ben Kepes is a technology evangelist, an investor, a commentator and a business adviser. Ben covers the convergence of technology, mobile, ubiquity and agility, all enabled by the Cloud. His areas of interest extend to enterprise software, software integration, financial/accounting software, platforms and infrastructure as well as articulating technology simply for everyday users.

Leave a Reply