Cylera raises $10M to protect hospital systems from cyberattacks

Steven Loeb · March 19, 2021 · Short URL:

Systems have only gotten more vulnerable as more people have been working from home during COVID

2017 seems like a lifetime ago now, but you may remember at the time that hospitals were hit by a ransomware strain called WannaCry, and later by one called NotPetya. According to some reports, more than 40 percent of hospitals worldwide were affected by this, along with other malware and ransomware, over the next two years.

Cut to 2020, and these systems are now even more vulnerable, as connected medical devices can make up a majority of the devices on a hospital’s network, said Timur Ozekcin, co-founder and CEO of healthcare IoT cybersecurity and intelligence company Cylera.

"This can mean 10 to 20 connected medical devices per hospital room. These devices are typically invisible to traditional IT-type endpoint and network security solutions and processes. In most of the deployments Cylera has participated in, the visibility is virtually zero to what healthcare IoT is in place," he said.

Along with a number of other potential vulnerabilities in the healthcare system, including a lack of visibility to the massive number of medical devices in place, and the fact that those devices are often managed and secured by different teams in the hospital, there's also now additional issues that have come up due to the onset of COVID, which has forced many employees to work from home.

"With the home workforce due to COVID, there are increased points of vulnerability, lack of information or security awareness education, and this population are easy targets for attackers to trick with malicious emails (the top malware deployment method) in order to gain access to organizations," said Ozekcin. 

All of this is to say that our health system is very vulnerable to cyber attack; Cylera, which announced a $10 million Series A funding round this week, wants to be the team and technology that never lets cyber attacks lead to physical harm or disruption of normal business practices.

It does this with a platform that can be deployed onto specified hardware platforms or run as virtualized machines, providing customers with differentiated asset management, risk analysis, smart segmentation, threat defense, operational analytics, and governance and compliance support.

"The components are twofold: a centralized management console that can reside in IT or in clinical departments, and multiple device sensors that can be easily deployed at the switch to passively mirror and analyze the healthcare provider’s network traffic and device behaviors," Ozekcin explained.

Some of Cylera's features include a real-time, and continuously updated inventory of all connected IoT devices, including medical devices, OT devices, manufacturing devices, and general IoT; technology that can create a virtualized “digital twin” of equipment so the platform can diagnose vulnerabilities and provide risk assessment and remediation guidance on live devices without ever touching them; and device location, which can identify and guide to within feet where devices are physically located.

"Many vendors in this space have similar functional claims, use similar wording, but our product features and functions are differentiated during on-site proof of concept evaluations," said Ozekcin. 

Most of Cylera's customers are well-known hospital facilities in the US and internationally, which typically have between 1,500 to 2,000 beds, though customers can be as small as 25 beds and or as large as 4,000 beds.

In terms of ROI, Cylera's customers can see an average savings of one full time employee's salary (estimated at $140,000 a year with benefits) for each site where the platform is deployed. In addition, its fleet optimization capability can literally lead to savings of between $10,000 to $25,000 per day, or even higher, depending on the devices or equipment.

Cylera latest funding round was led by Concord Health Partners and Maverick Ventures and it brings the company's total funding to $17 million. It has also raised money from Concord Health Partners, Maverick Ventures, Contour Venture Partners, Two Sigma Ventures, Dreamit Ventures, Great Oaks Venture Capital, Red Bear Angels and Samsung NEXT.

Part of the money will go toward doubling the size of its 30 person team by the end of the year, expanding its research and development, channel support, customer success, and sales and marketing teams. The funding will also be used expand the company’s footprint into new global markets through strategic channel partners; Cylera is currently working mostly in the US and UK, though it is also rapidly expanding further into EMEA. The plan is to enter APAC as soon as it has regional representation there. 

"US and UK markets have always been a focus of Cylera, and we now have the ability to build the additional local resources to support our customers and partners. We sell strictly through channel partners, but still need to provide field marketing and sales support," Ozekcin said.

The company also plans to expand the technology into new verticals, specifically market segments where its technology has real impact on customers and tangibly impacts their safety and operations.

"COVID-19 has highlighted the interconnected nature of healthcare and industry from suppliers, manufacturers, logistics and others. We’re sizing all those up for prioritization in 2021 and beyond at this time." 

Support VatorNews by Donating

Read more from our "Trends and news" series

More episodes