This CEO was told medical cybersecurity wasn't a real problem and started his company anyway

Written by vmurthy | Published 2021/08/13
Tech Story Tags: cybersecurity | healthcare-cybersecurity | yc | startups-of-the-year | medcrypt | medical-technology | medical-devices | founder-advice

TLDR MedCrypt helps medical device manufacturers build devices that are secure by design. Mike Kijewski was previously the founder of Gamma Basics, a software company focused on building web-based technologies for use in radiation oncology. He and his cofounder Eric saw an opportunity to build tools that help companies building medical devices build cybersecurity features directly into their devices. Their products address a specific set of security fundamentals, enabling manufacturers to proactively, easily, and reliably protect critical information at rest and in transit.via the TL;DR App

HackerNoon Reporter: Please tell us briefly about your background.

My name is Mike Kijewski. I have a long history with MDs and their related software.I was previously the founder of Gamma Basics, a software company focused on building web-based technologies for use in radiation oncology. I started Gamma Basics while a graduate student at the University of Pennsylvania, and it was acquired by Varian Medical Systems in 2013. I then served as a Quality Analytics Portfolio Manager for Varian Medical Systems, the world's largest supplier of radiation oncology technology, prior to co-founding MedCrypt in 2016. I hold a bachelors in physics from the West Chester University of Pennsylvania, a Master of Medical Physics from the University of Pennsylvania, and an MBA from the Wharton School.

What's your startup called? And in a sentence or two, what does it do?

MedCrypt.

MedCrypt helps medical device manufacturers build devices that are secure by design. Each MedCrypt product addresses a specific set of security fundamentals, enabling medical device manufacturers to proactively, easily, and reliably protect critical information at rest and in transit, monitor devices for security events, and identify and manage device vulnerabilities. In combination, these solutions enable manufacturers to not only protect critical device information and assure functional integrity, but also to holistically correlate security events with vulnerabilities and vice versa as well as identify affected versions and devices.

What is the origin story?

In 2014, I saw that hospitals were starting to ask questions about the patient safety impacts of a cybersecurity incident in a connected medical device. At the time, connected devices like CT scanners and drug infusion pumps were built with the assumption that the hospital’s network was secure. As this assumption fell apart, my cofounder Eric and I saw an opportunity to build tools that help companies building medical devices build cybersecurity features directly into their devices.

The rest is history.

Eric and I determined this was a space where sufficiently abstracting the complexity away from core cybersecurity features, in a way that understood the complicated healthcare ecosystem, would solve a real problem and address patient safety concerns.

What do you love about your team, and why are you the ones to solve this problem?

We’re a bunch of former medical device people who actually want to change the status quo. Instead of falling into the perspective of how people view the solution space, we think there is a fundamental shift in architecting proactive solutions that needs to occur for meaningful progress to be made against mounting security debt.

If you weren’t building your startup, what would you be doing?

Running a vegan bakery that I could check in on after surfing every morning.

At the moment, how do you measure success? What are your core metrics?

Our key measure of success is that the FDA has issued guidance validating our approach, that 5 of the top 10 medical device manufacturers are engaged with us, and that the industry is changing its position on how to ‘solve’ this space.

What’s most exciting about your traction to date?

When we started this company, we were told that this isn’t a real problem. Every day since then we have been proven correct in viewing the space and why device based security is the way forward.

What technologies are you currently most excited about, and most worried about? And why?

Most excited for the cutting edge clinical interventions that could be offered if they could operate securely. Changing how radiation treatments are delivered would be an extraordinary clinical success.

I’m most worried about the application of ML and AI in this space without sufficient consideration and understanding of biases present.

What drew you to get published on HackerNoon? What do you like most about our platform?

The community and desire to build content by those who are in the trenches on a daily basis is refreshing.

What advice would you give to the 21-year-old version of yourself?

Being an AP physics teacher will serve you in the long term even if you aren’t teaching in schools anymore.

What is something surprising you've learned this year that your contemporaries would benefit from knowing?

Even with the best intentions, every mess up can demonstrate the need to continuously check yourself and be surrounded by people you trust.

MedCrypt was nominated as one of the best startups in Encinitas in Startups of the year hosted by HackerNoon.

Published by HackerNoon on 2021/08/13
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy