MedCrypt’s Newest White Paper Emphasizes the Importance of the Software Bill of Materials in Healthcare Security

SAN DIEGO, Nov. 1, 2021 /PRNewswire/ — MedCrypt, Inc., the proactive cybersecurity solution provider for medical devices and manufacturers, today released its white paper on the digital transformation of the healthcare industry and the value of software transparency. Using examples of recent healthcare attacks, the paper analyzes the history and use-cases of the Software Bill of Materials (SBOM), and the challenges organizations face in implementing new security measures.


Titled “Benefiting from Software Transparency: From SBOM to vulnerability management,” the white paper explores the evolution of medical device development and explains why traditional engineering tools lack the ability to address the entire range of security processes requirements, premarket through postmarket, set by the Food and Drug Administration (FDA). 

“The healthcare industry understands the importance and increased need for better security measures, but in the wake of an ongoing global crisis, efforts and resources are focused on the continued care of patients,” said Mike Kijewski, CEO of MedCrypt. “Organizations are in need of support in order to create a security strategy quickly and MedCrypt’s newly-launched consulting services are meant to act as that resource to help organizations reach regulatory compliance now.”

SBOMs are the food labels of the tech world — a complete list of every “ingredient” in a piece of software that uniquely identifies each component, including version, and other relevant descriptors where applicable. In the U.S., the FDA has signaled its plan to require SBOMs and timely patching from all manufacturers, as the regulatory body has requested an incremental budget and increased regulatory authority.

“The healthcare industry is moving from a pre-SBOM world toward a future where SBOMs are ubiquitous and vulnerabilities are monitored and disclosed in a way that’s efficient and scalable,” said Shannon Lantzy, MedCrypt’s VP of consulting. “Every MDM we speak to is at a different stage in the SBOM journey. Some are focusing on vulnerabilities in the premarket stage, while others are focused on postmarket management. All want to reduce the burden of manually dispositioning vulnerabilities. Our consulting services will help MDMs identify weaknesses in their current processes, as well as the best path to scale.” 

For organizations, the integration of SBOMs across product life cycles comes with many challenges, ranging from inconsistent software component naming to the management of the complexities of the SBOM itself, to organizational challenges such as determining which groups are responsible for vulnerability identification, disposition, mitigation, and disclosure.

Earlier this month, MedCrypt announced the launch of its suite of consulting services, making the company the first firm to combine cybersecurity with management consulting, decision science, and regulatory strategy, 100% focused on supporting the medical device manufacturers. MedCrypt will help its customers with every part of the process, from business strategy to product architecture assessments, process reengineering to change management, and threat modeling to regulatory strategy.

Starting Monday, November 1, MedCrypt will be offering “SBOM Readiness Lightning Assessment” sessions to the first 5 medical device manufacturers who reach out via email ([email protected]). The purpose of the sessions will be to quickly identify gaps in current vulnerability management program(s) and provide recommendations on steps toward becoming SBOM-ready then optimizing to scale. For more information on MedCrypt’s full suite of services and to connect with the team directly, please visit

About MedCrypt

MedCrypt is a San Diego-based company that provides proactive security for healthcare technology. MedCrypt’s platform brings core cybersecurity features to medical devices with just a few lines of code, ensuring devices are secure by design. MedCrypt has raised a total of $9.4 million in funding with participation from Eniac Ventures, Section 32, Y Combinator, and more. For more, please visit

Contact: BAM for MedCrypt

Jenny Bourne

[email protected] 

Cision View original content to download multimedia:


Extensive Cooperation between China and Japan in Digital Society and AI

Frontpoint Security Expands Executive Team with the Announcement of its First Chief Commercial Officer