CEOCFO-Members Login

March 4, 2019 Issue



Providing a Dedicated Platform for Security of the Medical Devices and their ecosystem, Cynerio is enabling Hospitals with their many Patient Care Devices to Safely Stay Connected



Leon Lerman

Co-Founder and Chief Executive Officer




Interview conducted by:

Lynn Fosse, Senior Editor, CEOCFO Magazine, Published – March 4, 2019


CEOCFO: Mr. Lerman, what is the idea behind Cynerio? 

Mr. Lerman: Cynerio addresses a very serious problem of the vulnerability presented by connected medical devices in hospitals As part of the digital  revolution we are seeing the introduction of thousands and hundreds or thousands of connected medical devices, such as patient monitors, IV pumps, MRI machines, infusions pumps, ventilators and so on. All of these devices are now essentially becoming computers, with some of them connected to the internet and others connected to the internal hospitals network. Although sharing data using connected devices enables physicians to provide better patient care, medical devices were not built with security in mind. Very often, they are still running old operating systems such as Windows XP, using unsecure communications protocols that are very difficult to protect using current IT security solutions.


CEOCFO: Is the medical community recognizing the problem or are they not quite aware that there is really a big issue going on?

Mr. Lerman: We have seen a very significant increase in their awareness during the past year. Recently, the FDA provided guidance to manufacturers regarding the best practices that they should use to secure medical devices and the HHS (US Department of Health and Human Services) provided guidance for the healthcare providers on the best practices to make sure that their patients’ data and safety are secure.


CEOCFO: What is your approach to remedy the problem?

Mr. Lerman: Our solution is for the healthcare providers. We are providing a dedicated platform for security of the medical devices and their ecosystem. We install our solution on the hospitals network and we receive a copy of all the communications that goes in and out of the medical device ecosystem. Then we use our proprietary machine learning based technology to model medical device behavior to understand communications that take place to support medical workflows so we can detect anomalies when the devices are doing something they are not supposed to be doing and then stop those potential treats to ensure patient safety and data protection. 


CEOCFO: What are the challenges in doing both of those things separately, but the additional challenge providing two services and taking care of two problems at the same time?

Mr. Lerman: Medical devices are critical to providing patient care. Therefore, a cyber security solution ensures that they continue to provide patient care while making sure that the malware and the malicious activity is blocked and is not interfering with normal operations. This challenge requires a solution that has a deep understanding of clinical medical work flows and also a very good understanding of the attackers and their methods when attacking healthcare providers.


CEOCFO: Are there solutions available today or have people looked at the issue and come up with some potential solutions or are you blazing a trail in this area?

Mr. Lerman: So far, organizations are manually mapping and looking for the devices they have on their network and then trying to manually implement access control policies to protect them. However, in the last two years the severity and frequency of the attacks have increased so people understood that the risk is significant enough for them to take action. We consider ourselves as the leading company that is focused on the healthcare medical device cyber security realm. We only have two or three competitors in this world that are looking to solve this problem. It is a very new market and very innovative and mostly driven by startups.


CEOCFO: How can you block a threat, but being sure it does not stop a machine that is possibly keeping someone alive? Would you give us an example of how it might work?

Mr. Lerman: That is actually a great question! By mapping medical workflows we understand the critical communications that the medical devices are having and then we can detect anomalies. For example, you may have a CT machine that communicates to Japan in order to enable remote equipment maintenance. Our system is able to learn that communication on this specific port from the CT to Japan is legitimate. However, if we will see the same CT machine communicating with China we will be able to identify this anomaly and block it, because we know that it is not part of the normal workflow.


CEOCFO: Where are you in development today?

Mr. Lerman: The product is ready. It is already deployed in multiple customers, both in the US and in Europe. We are constantly adding new capabilities based on feature requests and based on feedback that we are getting from our customers.


CEOCFO: What have you learned as people are using the product? What are some of the changes?

Mr. Lerman: Security professionals are used to protecting the email servers, the different data bases and the laptops and so on. When it comes to medical devices it is typically the expertise of the biomedical engineers and not necessarily the IT professionals. Therefore, we learned that it is really important to put a very specific emphasis in the visibility part, to make sure that we really understand where the medical devices are and what their role is for the medical workflows and clinical processes. This understanding really helps the security professionals apply the right controls and the right security policies to properly protect the assets and their communications without interrupting hospital operations.


CEOCFO: What goes into an implementation? How do a user put all the pieces together?

Mr. Lerman: In terms of the deployments and implementations it is relatively simple. We basically have two parts to the solution. The first one is just a collector that we install on the hospitals network. The collector can be virtual, just software, or it can be a physical appliance that we ship to the customer. The second part is our cloud server, which receives metadata from the collector and does all of the machine learning. The deployment is pretty straightforward. We just need to make sure that we are getting a copy of the relevant medical device traffic in the organization. We are basically doing this direct using our technology and our machine learning algorithms.


CEOCFO: Would you tell us about your recent funding and how far that will take you?

Mr. Lerman: We raised seven million dollars from investors that specialize in both the healthcare space, in the medical device space and the cyber security realm. The main goal of this funding now that the product is ready to be used is to accelerate our activity, mainly in the US.


CEOCFO: How do you get a foot in the door at a hospital? There are so many ideas, services and products vying for attention.

Mr. Lerman: The problem that we are addressing affects the devices that provide patient care so we are solving a very important problem for healthcare providers. We also make sure that the deployment is very easy and painless for them. Once the customer deploys our solution they do not need to change anything in their architecture. They only need to send us a copy of the communications. We want to make sure that it is as easy as possible for the customer to deploy our solution  and that we can show , in a short period of time, the value that the solution brings.


CEOCFO: Do you foresee some of your clients looking for better solutions in other areas once they see what Cynerio can do. Might you be able to direct them or have some partnerships in the future? 

Mr. Lerman: The first thing we provide is visibility into medical devices and vulnerabilities that customers did not know about before. The next step is integration. The customer already has in place a lot of tools, such as firewalls and natural catch control systems. However, many of these tools are not being utilized to protect the medical devices, because they lack the necessary information. Therefore, we integrate with the tools that the customer already has in place and feed them with the information and knowledge that we have about medical devices, to help the customer protect the entire ecosystem using their existing tools.


CEOCFO: Why pay attention to Cynerio right now? 

Mr. Lerman: We are addressing one of the most critical problems that are out in the healthcare industry today. I think that the medical devices are the weakest link on the hospital security chain today and we have a very unique way of addressing this problem with our technology, which really was built from ground to bottom to meet the unique challenges of healthcare organizations. We also have a great team of folks, medical device professionals, healthcare professionals and cyber security professionals, to achieve these goals and provide the right solution for hospitals that will help them to solve this very important problem. So far, we are getting great feedback from our customers. We have great investors on board and we are very much looking forward to expanding the market and growing very fast for what we see as the biggest problem in healthcare cyber security today.



“Although sharing data using connected devices enables physicians to provide better patient care, medical devices were not built with security in mind. Very often, they are still running old operating systems such as Windows XP, using unsecure communications protocols that are very difficult to protect using current IT security solutions.”- Leon Lerman








© CEOCFO Magazine - All rights reserved

Any reproduction or further distribution of this article without the express written consent of is prohibited.



Internet of Medical Things Security, Cynerio, Connected Medical Devices Security, Leon Lerman, Providing a Dedicated Platform for Security of the Medical Devices and their ecosystem, Cynerio is enabling Hospitals with their many Patient Care Devices to Safely Stay Connected, CEO Interviews 2019, Technology Companies, Healthcare Company, Securing the Internet of Medical Things, visibility into all clinical assets on the IT network, ensure patient safety and data protection, healthcare security, healthcare device security, medical workflow analysis, device behavior learning, anomaly detection for medical devices, Secure Connected Medical Devices, Cynerio Press Releases, News does not purchase or make
recommendation on stocks based on the interviews published.