Cybersecurity companies shield healthcare organizations from losing data, experiencing loss of functionality, or exposing confidential patient information. In light of the rising frequency of cyberattacks, these companies ensure that healthcare organizations can continue making expert care provision their main priority.
Here are 115+ companies focused on cybersecurity for hospitals, health systems and other healthcare organizations. Contact Anna Falvey at afalvey@beckershealthcare.com with questions, comments, or to recommend a company for this list.
Note: Cybersecurity companies do not and cannot pay for inclusion on this list. This list is not exhaustive, nor is it a ranking or rating. Companies are listed in alphabetical order.
Absolute (Vancouver, Canada). Absolute offers near real-time security breach remediation. The company's Absolute Persistence product, a self-healing endpoint security technology, provides IT personnel control over devices and data. Absolute's cloud-based visibility allows for remote IT asset management and security for healthcare providers, including support from its healthcare information security and privacy practitioners and ASIS-certified protection professionals.
Agari (San Mateo, Calif.). Agari allows companies to secure themselves and customers from advanced phishing attacks. Agari is a part of Eden Prairie, Minn.-based Fortra's cybersecurity portfolio. Agari provides an integrated cloud email security platform that blends AI, threat intelligence, and automated remediation to defend from threats, especially those that were not picked up by traditional defenses.
Akamai Technologies (Cambridge, Mass.). Akamai Technologies provides healthcare organizations with comprehensive security solutions that protect sensitive patient data and critical infrastructure. The company offers distributed denial-of-service protection, web application security and bot management specifically tailored for healthcare environments. Their Zero Trust security framework helps healthcare providers maintain HIPAA compliance while enabling secure access to applications and data for remote workers and multiple facilities. Their solutions provide secure application delivery, protection against data breaches and digital skimming, and security from industry-specific threats. The company serves over 225 healthcare organizations globally and secures billions of web transactions daily through its intelligent edge platform comprising approximately 350,000 servers across 135 countries.
AllClear ID (Austin, Texas). AllClear ID provides breach response and customer identity protection services. The company notifies customers in the event of identity theft and assigns a dedicated investigator to initiate any dispute processes, recover financial losses and restore credit reports to the pre-fraud state.
Anatomy IT (White Plains, N.Y.). Anatomy IT helps healthcare providers deliver exceptional patient care through technology and cybersecurity solutions. With 30-plus years of experience, the company understands healthcare organizations’ unique risks, opportunities, and challenges. Anatomy IT partners with over 1,950 clients serving 39,000 healthcare staff nationwide, including ASCs, physician groups, and hospitals.
Armis (San Francisco). Armis, an asset intelligence cybersecurity company, protects the entire attack surface and manages organizations' cyber risk exposure in real time. In a rapidly evolving, perimeter-less world, Armis ensures that organizations continuously see, protect and manage all critical assets, ranging from the ground to the cloud. Armis secures Fortune 100, 200 and 500 companies as well as national governments, state and local entities to help keep critical infrastructure, economies and society stay safe and secure 24/7.
Asimily (Sunnyvale, Calif.). Asimily provides Internet of Medical Device security solutions to protect hospital system's internet-connected devices and equipment throughout their lifecycles. Founded in 2017 by cybersecurity experts, The company’s solutions are deployed at major hospital systems nationally and globally. The company is innovating through the recent launch of a built-in policy management module and a channel program.
Avertium (Knoxville, Tenn.). Avertium is an end-to-end cybersecurity solutions provider. The company uses application programming interfaces to help healthcare organizations coordinate patient care in unprecedented ways, making it faster and easier to store patient data.
Axway (Phoenix). The Axway Amplify Platform is a data and engagement platform that can provide real-time operational intelligence and API lifestyle management. In the healthcare space, the Axway Amplify can help eliminate silos, overcome interoperability challenges, accelerate meaningful use and promote patient engagement with health information.
Barracuda (Campbell, Calif.). Barracuda offers solutions to solve IT problems including content security, networking and application delivery and data storage, protection and disaster recovery. The Barracuda Web Application Firewall provides secure access to patient portals while the Barracuda NextGen Firewall F secures network devices against persistent threats, malware and zero-day exploits.
Battelle (Columbus, Ohio). Battelle is a nonprofit research and development organization that includes a team of experts devoted to medical device cybersecurity. The team members, led by a certified ethical hacker, hacks into medical devices to help manufacturers identify vulnerabilities in the software, mitigate cybersecurity risks and help design new products.
BeyondTrust (Phoenix). BeyondTrust delivers cybersecurity solutions designed to reduce risks and act against internal and external data breach threats. The company offers an integrated risk intelligence platform to identify critical risks and provide information for the company. In the healthcare space, BeyondTrust's PowerBroker privileged account management solution enforces best practices; its Retina vulnerability management solutions allows the healthcare IT security team to identify exposure, analyze the business impact and conduct remediation.
BIO-key (Wall Township, N.J.). BIO-key offers biometric software and hardware solutions to strengthen user authentication. The company's products include finger scanning devices for authentication in addition to passwords, PINs tokens and cards for customers to secure their devices.
Biscom (Chelmsford, Mass.). Biscom is a leading provider of secure document delivery solutions for healthcare. The company’s secure file transfer, secure enterprise fax solutions, and cybersecurity consulting help some of the country’s largest healthcare providers keep documents secure, information sharing compliant, and employees collaborating.
BlueCat (Grapevine, Texas). BlueCat centralizes and automates domain name server services so organizations can leverage the DNS data for increased visibility, control and compliance. The company takes a software-centric approach to information security and promotes interoperability to manage complex network structures. In the healthcare arena, BlueCat allows organizations to centrally manage and track wired and wireless networks and devices.
CORL Technologies (Atlanta). Founded in 2012, CORL Technologies provides vendor security risk management solutions as part of the vendor risk management program. The program allows healthcare organizations to monitor vendor risk, ease compliance audits and improve executive-level communications and risk analytics reporting.
Castlestone LLC (Edwardsville, Ill.). Castlestone prevents many health insurance frauds which result from identity theft. Over 100 million Americans have had their health identity stolen in the last 2 years alone. Since no insurance claim system can determine whether a stolen or misused identity was used to file a claim, stolen identities are worth $250-$1,000 on the underground market. Castlestone addresses the conditions that allow this theft.
Centripetal (Herndon, Va.). Centripetal's core networking technologies are designed to simplify cyber intelligence collection and management to stop unwanted network traffic. The company's QuickThreat Gateway combines proprietary software and hardware to detect and enforce 5 million threat indicators. In 2017, Centripetal was named a Gartner "Cool Vendor" in security.
Critical Insight (Seattle). Critical Insight provides managed detection and response services, combining purpose-built technology with expert security analysts to perform full-cycle threat detection, investigation, response, and recovery. Forged in healthcare, Critical Insight’s technology platform, Security Operations Center, and information security consulting services help healthcare customers gain critical insight into their security posture.
Citrix (Fort Lauderdale, Fla.). Citrix provides a secure digital workspace to unify apps, data and services necessary for productive organizations while allowing IT personnel to manage complex cloud environments. The workspace as a service company developed a platform for enterprise file synchronization and sharing with users across all business segments. The Citrix Windows apps solution allows healthcare organizations to securely deliver apps to diverse mobile devices including tablets and smartphones. The company's Enterprise Mobility Management Technologies provides security for bring-your-own-device environments.
ClearDATA (Austin, Texas). ClearDATA is the only provider of cloud security and compliance software and services purpose-built for healthcare, enabled by the powerful CyberHealth Platform. The company's cloud security posture management solutions offer full visibility, protection, automation, remediation, and enforcement of security and compliance measures to protect PHI and other sensitive healthcare data in the public cloud.
Clearwater (Nashville, Tenn.). Clearwater helps organizations across the healthcare ecosystem move to a more secure, compliant, and resilient state so they can achieve their missions. Bolstered by its 2022 mergers with CynergisTek and TECH LOCK, the company provides a deep pool of experts across a broad range of cybersecurity, privacy, and compliance domains, purpose-built software that enables efficient identification and management of cybersecurity and compliance risks, and a tech-enabled security operations center with managed threat detection and response capabilities.
CloudWave (Marlborough, Mass.). CloudWave provides cloud, cybersecurity and managed services that deliver a multi-cloud approach to enable healthcare organizations with any EHR service to architect, integrate, manage and protect personalized solutions using private cloud, public cloud and cloud edge resources. It delivers EHR and enterprise cloud services for more than 300 hospital environments in six countries, hosting and managing more than 140 healthcare and enterprise applications. Over the last year, CloudWave’s Cybersecurity Tactical Operations Center has handled 1650-plus cases, and each month monitors over 300,000 alerts.
Coalfire (Westminster, Colo.). Coalfire is the cybersecurity advisor that helps covered entities and business associates avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, compliance assessments, technical testing and cyber engineering services, the company secures health data throughout the care continuum. Coalfire is one of the original HITRUST CSF assessor firms with the experience required to efficiently manage successful certifications.
Code42 (Minneapolis). Code42 specializes in data loss and insider threat protection. The company's cloud software rapidly detects data exposure, loss, leak, and theft and speeds incident response without lengthy deployments, complex policy management, or disrupting employee productivity. Founded in 2001, the company allows security professionals to protect corporate data and reduce data loss from insiders while fostering an open and collaborative culture for employees.
Comodo (Clifton, N.J.). Comodo has more than 100 million installations of its security product in healthcare as well as other industries. Comodo's technology authenticates, validates and secures networks and infrastructures around the world, designed to solve advanced malware threats, both known and unknown.
Coviant Software (San Antonio). Coviant Software provides secure managed file transfer solutions for healthcare companies, addressing the need to protect sensitive PHI and PII and maintain HIPAA compliance. The company's Diplomat MFT products automate vital file transfer processes, like PGP file encryption, scheduling, data capture for audit, task confirmation, and trouble alerts.
Cybereason (San Diego). Cybereason's platform can identify a single component of an attack and connect it to other information in the system to shut down the attacker's entire campaign. The platform is designed to quickly build the complex attack story and simplify the resolution process.
Cyderes (Kansas City, Mo.). Cyderes is a security services provider that defends and protects clients throughout the entire lifecycle. With more than 800 dedicated security professionals, the company works with clients from around the world to offer security, identify and access management, and risk management services.
DataMotion Health (Florham Park, N.J.). DataMotion Health enables providers to communicate more efficiently across the care continuum. DataMotion provides secure messaging and connectivity solutions to exchange protected health information for clinical use and to deliver improved care at reduced costs.
DB CyberTech (San Diego). DB Networks aims to protect databases from insider threats and cyberattacks. Founded in 2009, the company launched the first signatureless database cybersecurity product in 2013 and has received a patent for its approach to database protocol information extraction. Last year, the company launched its first artificial intelligence-based agentless database activity monitoring to protect against cyberattacks.
Diligent (New York City). Diligent is a software company that allows organizations to share information for board meetings. Their product offerings address governance, leadership, audit, risk, compliance and more. They touch several industries, including healthcare, nonprofit, technology, higher education and many others.
DNSFilter (Washington, D.C.). With 70% of attacks involving the domain name system layer, DNSFilter provides Protective DNS powered by machine learning. By securing the DNS layer, healthcare organizations can protect sensitive data from malicious domains that spread phishing, botnets, ransomware attacks and more.
DomainTools (Seattle). DomainTools examines network indicators and connects them with other active domains to develop risk assessments, identify attackers, assist in fraud investigations and map cybersecurity activity to attacker infrastructure. The company works with U.S. government agencies and contracts in addition to companies in the financial and healthcare space.
eSentire (Waterloo, Ontario). eSentire protects the critical data and applications of over 2,000 organizations across 35 industries from known and unknown cyber threats. The company provides exposure management, managed detection and response and incident response services designed to build an organization's cyber resilience and prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65 percent of its global base recognized as critical infrastructure, vital to economic health and stability.
ESET (San Diego). ESET was founded as an antivirus protection company and has expanded to include security solutions for customers in more than 200 countries. ESET's solution for healthcare companies protects against data breaches and can be deployed across multiple operating systems and endpoints.
Exabeam (San Mateo, Calif.). The Exabeam Security Intelligence Platform provides security intelligence and management solutions. Exabeam's platform can detect and respond to insider threats, track behavior analytics, protect against data loss, conduct breach investigations and report on data security compliance. The company earned SC Magazine's 2017 Best Emerging Technology award and was a finalist in the Cybersecurity Excellence Awards in 2017 for security analytics and threat hunting categories.
ExterNetworks (Piscataway, N.J.). ExterNetworks is a pioneer in Managed Technology Services with over 17 years of experience in providing end-to-end solutions featuring design, deployment and 24/7/365 support to top IT companies. With more than 500 unrivaled top employees and 1000+ field technicians, the company aims to eliminate all your managed services worries by deploying the solution in a jiffy.
F5 (Seattle). F5 is a technology company specializing in app security, cloud management, fraud prevention, traffic optimization and more. The company often provides healthcare companies with the technology they need to prevent healthcare fraud. F5 acquired Shape Security in 2020.
FireMon (Overland Park, Kan.). FireMon's Security Management Platform seeks to improve security while reducing operational costs through analytics, simulation and automation. The company focuses on protecting cloud-bound enterprises with next-generation security intelligence.
Flexera (Itasca, Ill.). Flexera Software aims to help enterprises and application producers increase application usage and security. The company has more than 80,000 customers in a variety of industries. Flexera's FlexNet Producer Suite is designed for intelligent device manufacturers as an end-to-end solution for software licensing, entitlement management and device lifecycle management.
Forescout (San Jose, Calif.). Forescout's approach to security protects organizations against emerging threats with the Forescout CounterACT. The company's technology assesses, remediates and monitors devices continuously and works with disparate security tools to accelerate incidence response. More than 2,400 customers in 60 countries use Forescout technology for network security and compliance. Healthcare organizations use the technology to secure agentless medical devices and mobile computing against cyberattacks.
ForgeRock (San Francisco). ForgeRock is a digital identity management company that works with organizations to adopt the ForgeRock Identity Platform. The platform allows healthcare providers to create secure digital identities for patients and collects data from apps, wearables and digital health and wellness services. In May, the company joined Philips, Qualcomm Life and others in a collaborative effort to enhance data from medical devices under the name OpenMedReady.
Fortified Health Security (Franklin, Tenn.). As a managed security service provider since 2009, Fortified Health Security offers a broad range of advisory and security operations center services that help organizations throughout the healthcare ecosystem protect patient data and reduce risk. Working alongside their clients, Fortified builds customized programs for healthcare organizations that leverage their prior security investments and current processes while implementing new solutions that strengthen their security posture over time. In 2023, the company introduced a unified service delivery platform called Central Command to streamline healthcare cybersecurity management.
General Dynamics IT (Falls Church, Va.). General Dynamics IT's cybersecurity operations provide service support to select the best security systems, develop data protection policies and monitor their networks. The company provides cybersecurity for the Department of Defense, local and state governments and select commercial customers. The company provides its full security services in the General Dynamics Health Solutions package to secure hospitals' systems and protect information.
Gurucul (Segundo, Calif.). Companies around the globe use Gurucul technology to detect insider threats, cyber fraud, internet protocol theft and external attacks. The company's technology includes user behavior analytics and identity access intelligence that includes machine learning anomaly detection and predictive risk-scoring algorithms to prevent unnecessary access and breaches.
HID Global (Austin, Texas). HID Global provides identity security solutions to governments and hospitals as well as educational and financial institutions. The company provides information security solutions to hospitals, mobile device use, visitor management and HIPAA-compliant medical record security and also gives suppliers secure access to the appropriate data.
HITRUST Alliance (Frisco, Texas). HITRUST Alliance is a nonprofit organization leading advocacy efforts and educational support to safeguard healthcare information and manage risk. HITRUST was founded in 2007 to protect health information systems and exchanges, providing access to common risk and compliance management, de-identification frameworks and related assessment and assurance methodologies.
HYAS Infosec (Vancouver, Canada). HYAS features a threat intelligence and investigation platform and a protective DNS solution that helps organizations detect and stop cyber attacks instantly. The company offers healthcare organizations visibility, protection and security against all kinds of malware and attacks, allowing them to control their security posture and take an offensive approach against those who intend harm.
Huntress (Ellicott City, Md.). Huntress is a fully managed security platform that protects its clients' endpoints, identities and employees. The company delivers an array of affordable, purpose-driven solutions that offer small and mid-sized businesses security and peace-of-mind.
iatricSystems (Boxford, Mass.). iatricSystems helps healthcare organizations monitor and protect patient privacy with Haystack iS. Building on 15 years of insights the solution utilizes machine based learning to help you eliminate false positives, automate detection of inappropriate activity and alert your team when serious incidents occur. Additional solutions in our privacy and security portfolio enable hospitals to maintain regulatory compliance, manage workflow to perform due diligence with third-party relationships, and ensure secure remote access to your networks.
Impact Advisors (Naperville, Ill.). Impact Advisors is a healthcare management consulting firm committed to solving the industry’s emerging and evolving challenges. They provide complete security coverage for their clients, including strategy, operations, organization, and business continuity services. By partnering with proven security solution providers to offer data, application, and network and system security, they deliver a single point of contact, accountability, and quality assurance. Their experts average 20 years of industry experience, many having worked as CISOs for healthcare organizations. Healthcare is their only business, and they possess a keen grasp of how to bridge financial, clinical, technical, physical, and administrative processes with the privacy and security requirements tied to federal regulations. Impact Advisors was recognized as Best in KLAS for Security & Privacy Consulting Services in 2023, 2022, and 2021.
Imprivata (Lexington, Mass.). Imprivata, the healthcare IT security company, provides healthcare organizations globally with a security and identity platform that delivers ubiquitous access, positive identity management, and multifactor authentication. Imprivata enables healthcare securely by establishing trust between people, technology, and information to address critical compliance and security challenges while improving productivity and the patient experience
Keyfactor (Independence, Ohio). Keyfactor brings digital trust to the hyper-connected world with identity-first security for every machine and human. By simplifying public key infastructure, automating certificate lifecycle management, and securing every device, workload, and thing, Keyfactor helps organizations move fast to establish and maintain digital trust at scale. The platform is designed to help healthcare organizations better improve reporting, reduce outages, and save time due to self-service certificate requests, allowing organizations to scale and accommodate growing needs while protecting data from cybersecurity threats.
Latitude Information Security (Exton, Pa.). Latitude is an information security consulting firm that provides individual security services such as risk assessments, security program development, penetration testing, application security assessments, and other necessary security services and activities to a nationwide client base. The company complements these individual services through security team staffing and augmentation as well as full program outsourcing. By evaluating risks and providing the necessary resources and support for improved security, Latitude simplifies the process for meeting and maintaining information security compliance standards with a detail-oriented approach and tailored path for each client.
McAfee (Santa Clara, Calif.). McAfee creates affordable solutions that make the world of healthcare a safer place. They’ve had a dedicated healthcare team for over a decade. The McAfee approach to providing orchestrated security has become the de facto standard for enterprise security, with solutions to protect the entire infrastructure ranging from endpoints, network, web, mobile and embedded devices and cloud. Healthcare IT counts on McAfee to help deliver proactive protection, complete security integration and automation.
MedCrypt (Encinitas, Calif.). Medcrypt is a proactive cybersecurity solutions provider for medical device manufacturers and offers a comprehensive suite of services designed to support them in navigating the complex landscape of healthcare cybersecurity. The company collaborates with clients to develop tailored roadmaps, conduct thorough technical and regulatory assessments, and recommend appropriate tools, services, or remediation plans to ensure compliance with the US Food and Drug Administration’s stringent quality and security standards, both pre-and post-market.
Insight Enterprises (Chandler, Ariz.). Insight Enterprises blends people and technology to support transformation. Their suite of solutions, along with deep technical expertise and supply chain abilities, assist healthcare organizations in achieving their goals. They are experts in cybersecurity, data and AI, intelligent edge, modern apps, modern infrastructure, the modern workplace and more.
Ivanti (South Jordan, Utah). Ivanti connects cybersecurity, endpoint management and enterprise service management technologies with intelligent automation products. Over 40,000 customers use Ivanti to find, manage, protect and service their IT assets. Invanti acquired Pulse Secure in 2020.
Meditology Services (Atlanta). Meditology Services provides consulting and management advisory to large hospitals and healthcare organizations across the country. Meditology's experts in IT risk management and healthcare IT consulting focus on assessing and developing security and compliance programs.
MedSec (Miami). MedSec is the leading vulnerability research and security solutions provider for healthcare manufacturers, vendors, and providers. Established in 2015, MedSec was the first cybersecurity organization formed exclusively to serve the healthcare industry. MedSec brings cutting edge security services, solutions, and products to healthcare manufacturers and providers. Its researchers have deep technical background in the military, technology, and telecommunications fields. Capabilities include Device Cybersecurity Risk Assessment; Penetration Assessment; and System Design Review.
MicroSolved (Columbus, Ohio). MicroSolved is a cyber security company that performs cybersecurity medical device testing, medical application assessments against HIPAA standards, organizational risk assessment and passive network mapping/segmentation.
Menlo Security (Palo Alto, Calif.). Menlo Security's Isolation Platform contains and eliminates malware while giving a completely native experience. The company's platform uses the isolation model to ensure malware doesn't reach the endpoint to access patient data at hospitals, allowing administrators to expand internet capabilities without risking data security issues.
Merlin Cyber (Tysons, Va.). Merlin is a leading provider of next-generation cybersecurity solutions that protect government and commercial organizations. Merlin offers a broad portfolio of solutions that secure the enterprise from end points to networks, from governance to risk management, from infrastructure to information. Combining solutions with deep industry expertise and experience, Merlin delivers the cybersecurity solutions that organizations need to protect their most critical business assets, while furthering their mission.
Microsoft (Redmond, Wash.). Microsoft invests more than $1 billion in security research and development each year and created the Microsoft Enterprise Cyber Security Group to develop solutions for Microsoft customers. The company opened its Cyber Defense Operations Center in 2015 and works with healthcare organizations' C-suites to support a culture of cybersecurity.
MicroStrategy (Washington, D.C.). MicroStrategy provides enterprise analytics and mobility software to clients worldwide. Healthcare organizations use MicroStrategy's enterprise solution to boost operational efficiency, expand businesses and improve the quality of care and patient experience. The company's healthcare solutions focus on supply chain management, revenue cycle optimization, hospital operations, population health management and claims analysis.
Mimecast (London, England). Mimecast makes business email and data safer for customers worldwide. Founded in 2003, the company's next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management. With Mimecast healthcare organizations can respond to industry risks by safeguarding protected health information, preventing advanced attacks like ransomware, archiving email and keeping employees connected during a mail server outage. Mimecast also met healthcare privacy regulations by completing a HIPAA security compliance assessment.
NCC Group (Manchester, United Kingdom). Formed in 1999, NCC Group provides expertise in cybersecurity and risk mitigation. The company has more than 35 offices and 15,000 clients worldwide, providing a variety of services including internet of things consultancy.
Netenrich (San Jose, Calif.). Netenrich takes a shift left approach to boost the effectiveness of healthcare organizations’ security and digital operations so they can avoid disruption and manage risk. The company's Adaptive MDR solution, powered by Resolution Intelligence Cloud technology, leverages AI and big data to deliver customized experiences and data-driven results. The solution evolves with changing needs to help hospitals achieve autonomic operations that act before critical issues occur. As a pure play Google partner specializing in Chronicle SecOps, Netenrich provides 24/7 proactive uninterrupted operations, peak performance, and peace of mind for those managing systems and data.
NetScout (Westford, Mass.). NetScout's Adaptive Service Intelligence optimizes a hospital's analytics platforms to identify signs of outages in the hospital's network before they occur to diagnose and repair the issues quickly. The technology could prevent issues with a surgical robot powering down in the middle of surgery or video screens going dark during a procedure.
Netwrix (Frisco, Texas). Netwrix serves more than 13,000 organizations across the world, supporting their data security needs. The company's offerings reduce risks as well as detect, respond to and recover from attacks.
Nexthink (Prilly, Switzerland). Nexthink's Nexthinker is designed to help organizations reduce health information breach incidents and improve security and compliance. In the healthcare space, Nexthink helps institutions secure protected health information, ensures HIPAA compliance, reduces risk for HITECH penalties and facilitates bring-your-own-device adoption for physicians and clinicians.
NTT Security (Chiyoda-ku, Tokyo). NTT Security offers security, risk and compliance services to help organizations meet immediate challenges in data security. The company's technology solutions team works alongside consulting services to give advice on the appropriate solutions for risk management.
Okta (San Francisco). Okta's IT products use identity information to grant access to applications on any device at any time while enforcing strong security protections. The platform connects companies to customers and partners securely. Okta works with CMS, New York City-based Mount Sinai Health System and Nashville, Tenn.-based Envision Healthcare, among other healthcare customers, to provide adaptive multifactor authentication and HIPAA-compliant cloud identity solutions.
OneSpan (Boston). With more than 10,000 customers in 100 countries, OneSpan provides security access to online information with two-factor authentication, transaction data signing, e-signature and identity management solutions. In the healthcare space, the company can secure protected health information in EHRs, protect electronic prescriptions and safeguard against unauthorized manipulation of mHealth apps.
OPSWAT (Tampa, Fla.). OPSWAT focuses on technologies to protect clients against cyberattacks. The company's solutions secure and manage IT infrastructure by scanning for known threats with anti-malware engines and sanitizing documents to prevent unknown threats.
Optimum Healthcare IT (Jacksonville Beach, Fla.). Optimum Healthcare IT is a healthcare IT staffing and consulting firm. The company provides healthcare providers, payers, software and life sciences organizations with support throughout the care continuum. Optimum acquired TrustPoint Solutions in 2021.
Ordr (Santa Clara, Calif.). Ordr is a leader in connected device security. The company enables security and IT teams to discover and secure every connected asset across their whole organization, from laptops and traditional IT equipment, to especially vulnerable Internet of Things, Internet of Medical Things, operational technology, and cyber-physical systems. Organizations worldwide trust Ordr to provide real-time asset inventory, address risk and compliance and accelerate IT initiatives.
Ostendio (McLean, Va.). Ostendio serves primarily healthcare clients, including WellDoc, the American College of Cardiology and Higi. The company's MyVCM Cybersecurity and Information Management platform uses behavioral analytics to drive employee and vendor engagement. Ostendio's solution manages all aspects of security and allows organizations to report their security profile to internal and external stakeholders.
Palo Alto Networks (Santa Clara, Calif.). Palo Alto Networks offers cybersecurity healthcare solutions for network security, cloud security and security operations. The company's approach blends separate and complex point solutions into integrated healthcare cybersecurity, ensuring that clinicians and hospitals can deliver uninterrupted care to patients anywhere.
Perforce Software (Minneapolis). Perforce provides enterprises with superior solutions that help drive digital transformation and innovation. They also offer dynamic development, intelligent testing, risk management and collaboration solutions. Perforce acquired Rogue Wave Software in 2019.
Pillar Technology Partners (Atlanta). Pillar Technology Partners specializes in comprehensive cybersecurity solutions tailored for hospitals, large physician groups, behavioral health, technology providers and payers. Solutions include vulnerability management, penetration testing, risk assessment and compliance readiness, among other services. Founded in 2005, the company offers game-changing security tools including identity and access management, managed security, advanced email security, IoT micro-segmentation, closed-platform AI and data analytics.
Pivot Point Consulting (Brentwood, Tenn.). Pivot Point Consulting enables healthcare organizations to realize maximum value from their technology and resources through managed services, data and analytics, EHR, ERP, advisory, virtual care and cybersecurity services. Its award-winning industry experts deliver consulting, managed services and talent solutions to providers, payers, life sciences and technology organizations. The firm is currently ranked No. 1 Best in KLAS: Managed IT Services and has been repeatedly recognized as a top performer by KLAS in multiple categories.
PKWare (Milwaukee). PKWare provides a solution for data discovery and protection, finding and securing data to minimize risk. The scalable software serves over 1,200 customers, many of them healthcare organizations.
Praetorian (Austin, Texas). Praetorian's solutions aim to identify and solve cybersecurity problems enterprisewide. The company's technical engineers and developers offer security expertise to minimize risk across digital assets. Praetorian offers corporate and product security solutions unified through its software platform. In the healthcare space, the company works with medical device manufacturers to identify and address vulnerabilities.
Prevalent (Phoenix). Prevalent focuses on risk management through a product suite focused on automated vendor risk assessment, continuous vendor threat monitoring and vertical vendor networks. Healthcare organizations can use Prevalent to better manage and monitor third- and fourth-party business associate risks.
Proficio (Carlsbad, Calif.). Proficio provides always-on cybersecurity protection and services to help customers detect and respond to or prevent security breaches. For healthcare industry clients, the company provides round-the-clock managed security services to protect confidential patient information and maintain HIPAA compliance.
Promisec (Boston). Promisec is an endpoint system, software asset management and compliance company that aims to help organizations avoid cyberthreats and attacks that lead to data breaches. The company's technology provides secure endpoints and clean audits to meet regulatory compliance standards.
Protegrity (Stamford, Conn.). Protegrity aims to develop solutions to protect data throughout its lifecycle without disrupting workflow. The company can provide security across big data clusters, cloud environments, databases and mainframes. The Protegrity data security platform can protect sensitive healthcare data through tokenization and encryption technologies.
Protenus (Baltimore). Protenus harnesses the power of AI to provide healthcare organizations with scalable risk-reduction solutions that drive the safest patient outcomes while protecting the reputation of the organizations. It is committed to reducing risk and fostering innovation for the companies it supports and in its own operations. The company has more than a dozen patents in 2024, and has been named a Best in KLAS top vendor for both privacy and diversion technologies for two consecutive years.
Risk Based Security (Richmond, Va.). Risk Based Security, a Flashpoint Company, focuses on risk identification and security management tools to protect a variety of clients, including drug companies and healthcare providers. Founded in 2011, the company offers a full set of analytics and dashboards designed to identify security risks by industry. The company provides several HIPAA- and HITECH-compliant solutions for protecting patient data.
RiskIQ (San Francisco). RiskIQ focuses on digital threat management, offering the RiskIQ Community Edition giving security analysts free access to the company's solutions within a collaborative online environment. RiskIQ provides a comprehensive digital threat management platform for healthcare providers to audit, discover, monitor, investigate and mitigate threats.
SailPoint (Austin, Texas). SailPoint’s identity governance platform provides healthcare organizations visibility into user access and transparency into who has access to what. Large healthcare providers now have more than a billion points of exposure to data breaches, mostly tied to the identity of individual employees and third parties. SailPoint provides a way of managing these points of exposure with the power of identity.
Saviynt (El Segundo, Calif.). Saviynt empowers enterprises to secure their digital transformation, safeguard critical assets and meet regulatory compliance. With a vision to provide a secure and compliant future for all enterprises, Saviynt’s cutting-edge solutions have been recognized as industry leaders.
Seclore (Santa Clara, Calif.). Seclore helps enterprises protect and control their digital assets wherever they go to prevent data theft and achieve HIPAA and other compliances. Pharmaceutical companies can use Seclore's offerings to secure and govern their intellectual property and other confidential digital assets. The company's electronic digital reference model provides patient protection from product dossiers, unauthorized access and issues related to file sharing.
SecureAuth (Irvine, Calif.). Founded in 2005, SecureAuth focuses on authentication to ensure all entities attempting to access data are known and verified. The company's technology offers flexible identity access control solutions to protect virtual private network, on-premises, cloud, mobile and homegrown applications. For healthcare organizations, SecureAuth protects electronic prescriptions and protected health information in a HIPAA-compliant way.
SecureMySocial (New York City). SecureMySocial technology scans social media use and warns organizations about activities that expose them to risk in real time. The platform prevents information breaches and data leaks on social media. In May, the company was named to 2018 Cyber Security 500 list.
Sedara (Buffalo, N.Y.). Sedara is a managed security service provider with clients across the U.S. The company manages network security for clients and ensures regulatory compliance, including HIPAA compliance, for organizations across the spectrum. The company provides continual data monitoring and alert systems to identify and defeat hack attempts. In 2017, Sedara partnered with The Bonadio Group, a New York-based independent cybersecurity and compliance services provider.
Semperis (Hoboken, N.J.). Semperis offers the most comprehensive identity resilience platform for before, during and after an attack that helps defend critical healthcare systems against ransomware attacks. Active Directory is used by a majority of healthcare organizations and Semperis provides AD-specific protection to safeguard healthcare organization's vulnerabilities.
SentinelOne (Palo Alto, Calif.). A group of international defense and intelligence experts founded SentinelOne to tackle cybersecurity issues with a new endpoint protection approach. The company's platform is certified as an antivirus preplacement. The SentinelOne Endpoint Protection Platform can monitor all endpoints accessing HIPAA-sensitive information and protect health information and can also predict advanced attacks and automate the threat response process.
Silverfort (Tel Aviv, Israel). Silverfort enables healthcare organizations to protect all systems and data by adding strong adaptive authentication across all systems, including PACS, EMR, and other healthcare systems. Using Silverfort organizations can seamlessly add MFA to systems without installing software on servers or user devices, and without complex integrations or configurations.
Skybox Security (San Francisco). Skybox is a privately held cybersecurity management company established in 2002. Skybox's security platform uses firewall and network device data to detect vulnerabilities, and its powerful attack vector analytics can reduce response times for greater network control. The company covers more than 2,000 enterprises globally, including Delta Dental, Neptune, N.J.-based Meridian Health System and eHealthInsurance in the healthcare sector.
SlashNext (Pleasanton, Calif.). SlashNext protects the world’s billions of internet users and the modern workforces from phishing and other malicious messages across all digital channels. The company's integrated cloud messaging security platform utilizes patented AI technology with 99.9 percent accuracy to detect threats in real-time to stop zero-hour threats in email, mobile and web messaging apps. Healthcare is one of the most heavily targeted industries when it comes to phishing attacks, and SlashNext protects healthcare organizations from data theft and financial fraud breaches.
Spirion (Tampa, Fla.). Spirion provides enterprise data management software to minimize risks, costs and reputation damage associated with cyberattacks. The company's platform is designed to identify, classify and monitor personal information, medical records, credit card numbers and other intellectual property.
Swimlane (Boulder, Colo.). Swimlane is a security and operations management platform with the capability to centralize security alerts and automate attack response. The company provides security automation and orchestration to unify, analyze and resolve alerts from the organization's existing security tools and provide analysts with threat intelligence. The company's solution can also gather security metrics and generate reports on cybersecurity efforts.
Swivel Secure (Leeds, England). Founded in 2001, Swivel Secure's AuthControl Sentry authentication platform allows organizations to tailor authentication requirements according to individualized security policies. Earlier this year, the company expanded their global partner program concentrating efforts on the United States.
Synopsys (Mountain View, Calif.). Synopsys is a software partner for companies around the world, focused on electronic design automation and semiconductor internet protocol. The company works with healthcare organizations to address cybersecurity risks for personal patient information and medical device hacking.
TFORM (Irving, Texas). TFORM is a data quality management software that addresses the presence of subpar and inaccurate data in IT operations. The company's platform enables healthcare organizations to pinpoint discrepancies within their IT data and equips them with the means to rectify these gaps.
Tanium (Kirkland, Wash.). Tanium's solution for hospitals and health systems provides complete visibility across managed and unmanaged endpoints to improve security hygiene. The tool allows users to ask a simple or complex question of any or all endpoints and receive a response directly from all endpoints within 15 seconds. Tanium can also collect data from third-party endpoint agents to bring multiple security and IT operations under one platform, which can help streamline operations and reduce costs.
ThreatMetrix (San Jose, Calif.). ThreatMetrix, a part of LexisNexis Risk Solutions, is designed to inspect digital transactions across applications, devices and locations in real time. The company also provides online fraud prevention and can pinpoint suspect behavior and fraud attempts before damage is done. The company also provides authentication for patients, payers and physicians logging into the system.
TraceSecurity (Baton Rouge, La.). TraceSecurity is a leading provider of cybersecurity and compliance solutions that help organizations of all sizes reduce the risk of cyber breaches and demonstrate compliance. With a combination of software and services, TraceSecurity can help organizations manage their information security program and supplement it with third-party validation.
Trend Micro (Irving, Texas). Trend Micro is a global cybersecurity company providing solutions for consumers, businesses and governments. The company's XGen solution was developed to help healthcare organizations improve security before, during and after attacks.
Trustwave (Chicago). Trustwave currently works with more than 3 million businesses to protect data and reduce security risks. The company provides a flexible portfolio of services to healthcare organizations designed to protect their specific infrastructure, networks and data while remaining HIPAA and HITECH compliant.
Tufin (Boston). Tufin's security policy orchestration solutions streamline security policy management across complex, heterogeneous organizations. The company's technology alliance program partners with industry leaders to integrate the Tufin Orchestration Suite with their existing solutions.
Untangle Arista Edge Threat Management (Sunnyvale, Calif.). The Untangle NG Firewall is designed as a single, modular platform that clients can run on their own hardware or as a virtual machine. Untangle helps the healthcare industry comply with HIPAA and HITECH through granular controls over who has access to the data. Untangle is a subsidiary of Santa Clara, Calif.-based Arista Networks as of 2022.
Varonis (New York City). Varonis' platform collects, stores and analyzes metadata in real time to protect data from cyberattacks. Organizations can monitor their unstructured data using the company's platform. Varonis specializes in protecting file and email systems storing spreadsheets, word processing documents, presentations and audio and video files that contain sensitive information. The company also offers a HIPAA compliance crash course.
Venafi (Salt Lake City). Venafi's platform pinpoints machine identity weaknesses and automatically makes updates to lower security risks. The company's platform is designed to help healthcare organizations better secure keys and certificates against privacy breaches by strengthening the cryptology.
Vera (Palo Alto, Calif.). Vera aims to protect data with strong encryption on any device without changing the existing workflow. The company's data-centric security solution is designed for collaboration while ensuring a high level of security, visibility and control. Vera includes HIPAA-compliant verticals for healthcare providers as well as pharmaceutical companies to secure intellectual property and trial data.
Virtru (Washington, D.C.). Virtru's products allow businesses and individuals to control access to emails, documents and data regardless of where the files are shared. In the healthcare space, the company's technology allows providers to share HIPAA-compliant emails and attachments, automatically identifying and encrypting personal health information. The company focuses on business privacy and data protection for more than 5,000 organizations worldwide. In May, the company closed a $37.5 million series B investment.
WinMagic (Mississauga, Ontario). WinMagic is a data security solutions company that secures data where it's stored and provides enterprise-grade data encryption and key management policies across an organization's operation systems. In the healthcare space, the company's platform encrypts patient data and takes steps to ensure there won't be a compliance breach.
Zix (Dallas). Zix protects business communications through email encryption. The company's solutions support around 15,000 businesses and 1,200 U.S. hospitals with email encryption, data loss prevention and bring-your-own-device security. In April, Zix acquired Seattle-based Erado, a provider of archiving, supervision, eDiscovery and analytics for the financial sector.