If 2016 was the year that med tech players bet big on emerging and exciting technologies, 2017 will be the year to buckle down, generate evidence of the new tech’s utility and find its niche in the industry. This year, numerous companies made moves in artificial intelligence, while GlaxoSmithKline and Verily threw down $715 million on a bioelectronics-oriented joint venture. Meanwhile, M&A and venture capital funding took a dip, and a few events highlighted current and future cybersecurity risks that may materialize as med tech becomes more connected.

Bioelectronics, or electroceuticals, are built on the premise that tiny, implantable devices could help the body heal itself from illness by causing biochemical changes typically brought on by drugs. The concept--and applications--of bioelectronics are still up in the air, but British pharma GlaxoSmithKline has emerged as a leader in the field. It established its bioelectronics division in 2012, launched a $50 million bioelectronics venture fund in 2013 and is teaming up with Verily on a joint venture this year. GSK backs fellow bioelectronics player SetPoint Medical, which is working on an implant to treat Crohn’s disease.

While Glaxo doesn’t plan to trial a device until 2019, it has early prototypes in animal testing and has human trials for third-party devices on the calendar for 2017. Its partners include Belgium’s Nuviant Medical, whose platform it is using for its bioelectronic efforts. But it’s still early days and companies seeking to develop bioelectronics must answer a host of questions before such devices hit the market. These include long-term power sources for a device that will stay in the body for years, decades or even a lifetime, as well as the development of materials that won’t degrade in the body over time.

As for artificial intelligence, IBM has been making deals left and right, deploying its Watson supercomputer for clinical trial matching, to improve population health in China, to help the Department of Veterans Affairs boost its cancer precision medicine scheme and to accelerate Pfizer’s immuno-oncology drug discovery efforts. But while a number of companies have thrown in with IBM and dedicated themselves to applying artificial intelligence to healthcare, critics are still wondering about how, exactly, AI will benefit the sector. Over the coming year, expect the role of AI to be fleshed out a little more as smaller companies like Arterys and MedyMatch gain momentum and IBM carries out concordance studies evaluating the agreement between Watson and physicians.

After the bumper year that was 2015, M&A was all but sure to drop this year. And drop it did: the first half of 2016 posted $17 billion, a 79% decrease in M&A spend from H1 2015’s total of $84 billion. At the time, EP Vantage also reported that the number of deals actually increased, which could indicate an upward trend in the smaller deals that benefit innovative startups. But as of Dec. 21, large deals worth $1 billion or more dominated this year, accounting for 85% of total M&A expenditure.

As for venture capital funding, EP Vantage reported last month that med tech Series A rounds were larger than ever--Illumina’s spinoff Grail raked in $100 million this year, making it the joint-largest Series A in the industry’s history. If the Series A rounds are any indication, in vitro diagnostics is the place to be; of the top five rounds, three involve in vitro diagnostics and total $165 million in funding. And going beyond, Guardant Health picked up $100 million and Quanterix reeled in $46 million in Series D rounds, while Exosome Diagnostics raised $60 million in a Series B. While the soaring Series As may seem encouraging, EP Vantage cautions that some med tech startups scoring more funding might mean a “widening gap between the haves and have-nots,” where investors tend to pile their money behind a few companies or concepts and neglect other startups.

And finally, cybersecurity firms exposed flaws in some medical devices, including St. Jude Medical’s cardiac implants and a Johnson & Johnson wireless insulin pump, that could put patients at risk, even though they stated the risk is low. St. Jude denied allegations brought by short seller Muddy Waters and cybersecurity researchers MedSec that a hacker could infiltrate its heart devices and cause them to malfunction or drain their battery. Meanwhile, Johnson & Johnson disclosed the vulnerabilities of its Animas OneTouch Ping blood glucose management system and worked with Rapid7, the firm that discovered the security flaws, to address the issue. As we move into 2017, more and more companies are connecting their devices to mobile apps and the cloud, and the advent of connecting more devices to the internet will necessitate greater consideration and discussion of cybersecurity risks.

Here are some highlights for the year ahead:

  1. Megamerger era may be over, but M&A spend still hovers around bigger deals
  2. Artificial intelligence ramped up in 2016, but has to prove its utility in 2017
  3. 2016's cybersecurity risks raise questions about future interconnectivity