Rod Schregardus, pharma manufacturing lead at The Access Group, looks at the IT security threats facing pharma companies today, and the steps that can be taken to prevent the fallout from data loss. He also speaks to Jim Wheeler, a director at UK-based risk consultancy Control Risks who played a leading role in the crisis management team for an organisation severely impacted by NotPetya, the same ransomware which struck Merck in 2017.
‘Cyber Risk: How Can Pharma Avoid Black Swan Events?‘
The digitisation of the pharmaceuticals industry is transforming everything from R&D, to production, to sales, vastly improving both health outcomes and the commercial performance of vaccines and therapies.
Manufacturers have been steadily ramping up investment in automation, machine learning and AI, data analytics and predictive modelling, and the Internet of Things (IoT) for some time now. Of course, these technologies were also instrumental in delivering a safe and effective Covid-19 vaccine at record speed. It was a race like no other and falling behind would have had severe consequences for the health of entire populations, as well as economic and geopolitical repercussions.
Now that data-led technologies have been proven on a large-scale and under the public gaze, the pace of innovation is only going to increase further over the coming years. It’s certainly giving more pharma companies the impetus to move more of their manufacturing operations to the cloud.
The reason for this is clear. With real-time data flowing freely between applications and machines, production teams can improve their decision-making, optimise resources, speed up production and reduce risk (of say, contamination and wasted batches). Data is available remotely and employees no longer have to create and update production plans manually, nor engage in lengthy handovers with colleagues because they can access critical information as and when they need it.
But greater connectivity creates new vulnerabilities in IT systems for hackers to exploit. A ransomware attack, whether the result of a blanket or targeted spear phishing email, could mean substantial data losses. The malware infection spreads across all networked devices, including internet-enabled machines on the shop floor, making it difficult to isolate and stop.
Click the download button below to read the complete version of ‘Cyber Risk: How Can Pharma Avoid Black Swan Events?’ by Rod Schregardus, pharma manufacturing lead at The Access Group