The cybersecurity industry is grieving the loss of longtime community contributor and healthcare security executive Michael Murray, founder and CEO of startup Scope Security, who passed away suddenly on April 6.
Murray was a pioneer in healthcare cybersecurity, joining GE Healthcare in 2014 at a time when medical equipment and systems increasingly were becoming Internet-connected and concerns over both cyber- and physical risks were rising. The term “industrial IoT” had not yet caught on, but Murray was among a small group of cybersecurity experts who decided to bring their white-hat hacking chops to industrial and consumer IoT firms as well as corporate businesses in dire need of cyberskills to defend their products from nefarious hackers.
In a 2014 interview with Dark Reading, Murray described how his then-new position at GE Healthcare included hacking GE’s medical devices and equipment to find bugs that could have physical ramifications for patients, assessing GE’s products through their entire product lifecycle, starting with their design.
“I’m [still] breaking lots of stuff. I’m just breaking it before it gets to the customer to make sure bad things don’t happen to people out in the world,” he told Dark Reading then.
He carried that passion — affixed to his LinkedIn profile as “on a mission to fix healthcare security” — through his launch of Scope Security in 2019, which last month amassed $20 million in a Series A funding round led by Thrive Capital. Other investors in the A round included SV Angel, Martin Ventures, Sound Ventures, Crossbeam, and Free Solo. In a press announcement about the funding, Murray said Scope Security was focused on offering specialized cybersecurity expertise for the healthcare industry, which over the past few years has increasingly become a target of cyberattacks.
“Generalist security firms are focused solely on IT, and lack a fundamental understanding of the healthcare ecosystem from medical devices and clinical systems to EHR to emerging digital health technology,” he said in a statement about the Series A investment. “With Scope, I want to rectify that, to protect one of our most vulnerable industries and to ensure patient access to healthcare they can trust.”
Before he founded Scope, Murray was the CSO of mobile security firm Lookout from 2016 to 2019, where he headed up research into APTs targeting mobile devices. He made a name for himself in cybersecurity as the managing partner of MAD Security, a consulting firm, from 2010 to 2014.
When Murray first made the leap from the security industry to the business world at GE Healthcare, he told Dark Reading it was all about making a difference: “I’ve had this conversation with a lot of people who have taken their next jobs, not because of how cool or because of the money, but of what impact they might have.”
For Murray, the biggest change then was “wearing a suit” to work. “But [there’s] nothing I’m doing that 22-year-old me would be disappointed about,” he said of his pivotal career move.
Editor’s Note: Mike Murray was a true pioneer in fostering the cybersecurity community and its evolution to helping defend vulnerable businesses. He was also a friend to many of us here at Dark Reading over the years — always generous in sharing his expertise with us, too, and always with kindness and a smile.