11.07.18
Corvus Team

Life Sciences Innovation Brings Great Possibility, but Also New Risks

What Risks Are Associated with the Life Sciences Sector?

The powerful current of new digital technology has caused disruptive and transformational changes in the Life Science industry. This is changing the future of cancer treatment, producing life-changing vaccines, and allowing for valuable research efforts that many of us couldn’t even imagine. Much of the innovation is being powered by data and in many cases more and more personalized data. Information has never been more valuable and life sciences are becoming one of the most vulnerable industries to data breaches.

The cyber risks that plague life sciences can be detrimental. Compromised biotech research goes beyond issues for shareholders— there could be information powerful enough to develop dangerous products and bioweapons. As criminals and other threat actors continue to uncover new ways of monetizing sensitive and confidential data, these data assets are in turn becoming more and more valuable. Cybersecurity threats in the life sciences industry can directly put people’s health, safety, and security at risk. Many pharma and biotech companies, especially high-profile consumer brands, are high-value targets for cyber attackers.

The Top 3 Points of Concern in the Pharma and Biotech Sectors:

  • Clinical Trial Data

    • This includes sensitive patient data that is generated from clinical trials— this is at-risk information on both a patient level and a commercial level.
  • Confidential Information and Intellectual Property

    • Regarding the manufacture of biological drugs, etc.
  • Commercially Sensitive Information

    • Drug pricing and promotion

Cyber Threats in Life Sciences

Information-related risks including fraud, cyber, and security risks are now the areas of greatest concern for pharma and biotech sectors, as well as the sophisticated nature of medical devices and their connectivity schemas. Commercially sensitive information in all of these areas is at an all-time high. Physical theft or loss of intellectual property (IP) is currently the most prevalent type of security incident in the life sciences sector. Incidents relating to theft and loss of IP are costly and wide-ranging, affecting employees, customers, the organization’s reputation, and bottom line, and putting these important research and development projects at risk.

Interconnectivity of corporate data networks is necessary for life sciences; however, this has made intellectual property that much more vulnerable to cyber thieves who can monetize this valuable data. Categories of IP within the life sciences and medical device sectors include pharmaceutical and biotechnology patents, copyrighted data sets and reports, and trade secrets.
Life science organizations should also guard against the loss of personal information such as financial information, personal health information, and medical data.

6 Steps for Protecting Your Sensitive Proprietary Data and IP Assets:

  1. Identify and data map IP assets within digital and physical systems.

    • This should be done both onsite and in the cloud and include those with access, such as remote vendors and clinical researchers.

  2. Protect IP assets by implementing contractual, physical, and digital security systems.

  3. Stay informed on the most recent cybersecurity risks.

    • Implement basic security rules and create a security policy program that works to protect your IP assets.

  4. Conduct risk assessments regularly to evaluate and simulate best practices around protecting the company and stakeholders in the event of a system and/or data breach.

  5. Gain an understanding of the added risks that the Internet of Things and remote medical devices bring.

    • Expect an exponential increase in cybersecurity risks and be prepared to mitigate.

  6. Become educated on the legal framework surrounding the protection of the confidentiality of IP assets.

    • Additionally, understand the liability and regulatory frameworks impacting cybersecurity in life sciences and medical devices sectors.

Why Should Companies in the Life Sciences Sector Act Now?

Cybersecurity should be one of the main focuses in almost any organization’s agenda, but especially for those in the life sciences sector. The massive growth rate and use of Big Data and the Internet of Things are just some of the examples of the need to be hyper-focused on privacy and data security. Systems have never been more complex and interconnected, as powerful and sophisticated discoveries continue in pharma, biotech, and medical devices. Life Science companies should use all tools available, including those offered by their insurers, in order to predict and prevent risk— not just once a year at the Cyber Insurance renewal, but throughout the year.

[RELATED POST] Tech Companies: Beyond Cyber Risk, the Cost of Downstream Impact

Tech Companies: Beyond Cyber Risk, the Cost of Downstream Impact

The rise of remote work and growing concerns over ransomware acted as partners-in-crime to get organizations to hone in on risk mitigation efforts over the past couple years. Through compiling our Risk Insights Index, we found that with certain initiatives —  safer or reduced usage of RDP, growing use of email security tools, and other measures taken to limit the impact of threat actors — businesses are more prepared than a year before and ready to play defense. Those efforts are borne out in our finding that the rate of companies who pay a ransom when attacked with ransomware fell by half within a year. 

[RELATED POST] Tips from Top Brokers: How to Play Offense in a Cyber Hard Market

Tips from Top Brokers: How to Play Offense in a Cyber Hard Market

The whisperings of “firming rates” start first, quietly in business meetings, then published in industry reports. Soon to follow, rumblings of a “hard market” are brought to the conversation. It’s cyclical in nature, and we see it across all insurance lines at one point or another. For years, Cyber Insurance stretched far and wide with “soft” market conditions, remaining highly profitable. Now that period of growth, with exceedingly available coverage and inviting terms, has stalled in the face of a hard market.