Changing the Game for Medical Device Security: Medigate Protects Patient Safety and Privacy from All Kinds of Cyber-Attacks

Healthcare providers today depend on tens of millions of connected medical devices to deliver quality care to patients, and the number of medical devices is expected to double in the next 2 years. Unfortunately, these devices have opened the door to new and creative cyber attacks. According to the Ponemon Institute, more than 90 percent of healthcare providers suffered at least one data breach in the last two years. After witnessing the havoc created by the series of WannaCry ransomware attacks in 2017, the founders of Medigate were compelled to utilize their extensive cybersecurity knowledge to solve the complex problem of securing connected medical devices.

Founded in September 2017, Medigate fuses together cybersecurity expertise and in-depth medical device identification capabilities - including manufacturers’ protocols - with the knowledge and understanding of medical workflows to deliver the industry’s first security platform created solely for medical devices. Only Medigate can fully identify these unique devices by type and personality as well as analyze and understand their clinically-based protocols, communications and, behaviors. By using this innovative approach, Medigate delivers the highest level of protection for connected medical devices and secures the Internet of Medical Things (IoMT) from network attacks and data exfiltration attempts.

“Historically, there has been little collaboration between providers, manufacturers and security providers. We’re partnering with all parts of the ecosystem on an ongoing basis to help ensure we have the most comprehensive solution to secure clinical networks,” says Jonathan Langer, CEO of Medigate. “We know all about the brand new threats and our researchers are up-to-date with all the latest advances in medical devices.”

Interview Snippet with CEO, Jonathan Langer

Q.What is the impact of cloud and big data on a company’s IT infrastructure and security?

Looking only at healthcare, the trend that we’re noticing is that medical devices are increasingly connecting to networks and as that happens, the amount of data generated, stored and analyzed in big data analytics and cloud platforms is just exploding. One of our challenges in terms of leveraging that data in order to identify attacks, and to mitigate them in real time, is to be able to analyze this information and understand the baseline behavior of these networks.

Q.What is unique about your approach to product development?

From the beginning, we’ve worked with large hospitals to truly understand the low-level behavior of the network and to get our offerings right. Partnering with customers to refine and expand the capabilities of our solution helps us deliver the solution they need out of the box. A customized feature for one client can become a standard deployment feature, driving more value. The model has been successful; the traction, the need, and the response that we’re getting is tremendous.

Q.How are customer reviews motivating you to keep innovating and improving your solution?

A great example is what we saw from customers ultimately led us to integrate our platform with Palo Alto Networks firewall. That happened as a result of our discovery on the ground with clients. We’re very proud and glad to be partnering with such a great company like Palo Alto Networks.

Q.How do you differentiate Medigate from all of the cyber security companies coming from Israel and all over the globe?

We’re solely focused on the protection of medical devices or what we call the Internet of Medical Things (IoMT). This is a highly expertise-oriented domain. You have to understand cybersecurity very well, but you also have to understand the clinical setting and the clinical engineering components of the devices which requires a lot of effort. No other company has chosen to focus 100 percent on this particular problem.

 Q.In a cybersecurity company there are two major challenges: to secure itself from any attack and to secure the clients. So, how does Medigate manage both?

With regard to our clients, this is the premise of our solution and we feel that we’ve created various features that will dramatically improve the cybersecurity posture of the hospitals and the manufacturers that we’re servicing. And, in terms of protecting ourselves, we adhere to the regulatory requirements. We, at Medigate, take it much further by imposing an even more stringent restriction to safeguarding ourselves and we make sure that Medigate can serve as an example to other companies in cybersecurity.

The Road Ahead

Creating an industry-leading product is only the first step. Making sure it is easily deployed and integrated into existing IoT and network security infrastructure, like firewalls and NACs, is equally important. Medigate has already partnered with and integrated into Palo Alto Networks and Cisco as well as other key players in the industry.

Looking ahead, Medigate believes within five years the company will take a leadership position in cybersecurity for medical device security. It will expand both domestically and globally, working with providers and manufacturers and bridging the gap between them. “We’re excited to have pioneered a true medical device cybersecurity solution that protects patients and hospitals. The market is proving to be equally excited. Neither BioMed nor IT has been able to understand what’s on their network with the level of granularity we provide. And, this has opened new possibilities beyond security including inventory and compliance management.” Jonathan Langer concludes.

Meet the Leader

Jonathan Langer, Co-founded Medigate following his role as branch leader in the Israeli Defense Intelligence Corps commanding a team of technical analysts focused on the research of cyber related domains. Jonathan was awarded the prestigious Israel Defense Award and holds a LL.B from the Interdisciplinary Center in Herzliya.

“We understand medical device protocols, existing and potential cyber threats, and expected device behavior and we use this knowledge to prevent known and unknown threats in real time.”