The pharma industry suffers more breaches than any other industry, with the vast majority being more sophisticated. This can be attributed to the fact that pharma companies hold large amounts of sensitive and personal data. This data is valuable as it is often related to pharmaceutical and medical advances, technologies, and sensitive patient information. Additionally, the industry follows strict privacy guidelines regarding the safeguarding of protected health information (PHI).

Of course, data breaches are not the whole problem for the pharma industry, human error can also be devastating.

Here are some of the main cybersecurity challenges to the pharma industry in 2022:

1. Intellectual Property Theft

One of the major pharmaceutical threats to the industry in 2022 is Intellectual Property Theft. As companies move toward increased digitisation and the storing of more valuable data online, they are becoming more attractive targets. Distributed networks and acquisitions can create security challenges because sometimes the acquisition targets do not possess adequate security infrastructures. Such acquisitions need to consider best practices as part of connecting to an already complex digital web. Pharmaceutical enterprises often lack visibility, data control, access auditing and compliance reporting throughout their networks and this needs to be tackled.

2. Third Party Vendors

The core of any pharmaceutical company is its intellectual property (IP). Although pharmaceutical organisations have extensive quality management processes, their third-party cybersecurity management processes are often underestimated. Clinical partners and other third parties often handle patented data and formulations for treatments, drugs and therapeutics and pharmaceutical companies must be able to quickly assess any potential third-party data security risks without slowing down the development pipeline.

Ransomware threat actors are actively targeting pharmaceutical supply chains and recent research points out that 12% of pharma industry vendors are likely to incur a ransomware attack.

Moreover, new regulations are imposing strict requirements for publicly listed companies to have processes in place to monitor and regularly assess third party cyber risks.

Here are some tips to get a handle on your third party suppliers:

– Identify your critical suppliers. Engage all business departments in the company and compile a list of all your suppliers to identify which ones are high – medium or low risk in terms of cybersecurity

– Prepare an annual audit plan to monitor your suppliers (it can be as simple as sending a compliance questionnaire, auditing them on site or requesting proof of their adherence to standards like SOC II, ISO27001 etc.). It is important to request proof of implemented security controls, including but not limited to Penetration Testing, 24/7 Monitoring, Third Party Security Processes, Cyber security Awareness training etc.

3. Insider Threat

Insider incidents will be a factor in a third of data breaches making it one of the major pharmaceutical threats this year. Caused by a combination of remote working and the fear of job loss, and the ease with which data can be moved. Untrained employees are a challenge faced by all companies in the pharma industry.

Damage from insider sources can be hard to detect because these threats encompass a wide range of behaviours and motives. It could be an employee attempting to disrupt operations, looking to earn extra cash by selling data, or a well-intentioned employee who simply sidesteps a company policy to save time. Insider threats bring with them unique security challenges. These challenges stem from the fact that these threats are created by insiders in plain sight. As a result they are extremely difficult to detect.

4. IT/OT convergence and ageing OT environments

Legacy software and hardware are typical in pharmaceutical manufacturing. Almost always, these operational technology (OT) devices and systems were not created with security in mind and were dependent on an air gap for separation.

With pharmaceutical companies being at the forefront of researching for new cures, they often have to retain legacy equipment within their structure, often within operational technology (OT) infrastructures. Aging OT infrastructures are not uncommon in pharmaceutical companies. Sometimes, equipment is over 20 years old and may not be supported with suitable security patches. When avoiding outages and ensuring compliance, there needs to be a focus on a security fabric that can prevent IP and data theft, regardless of the age of systems. As pharmaceutical companies look to reduce costs as well as increase productivity, there is an increasing need to mitigate unforeseen risk in cyber criminals targeting what they would consider a weak point in pharmaceutical infrastructures.

5. Cyber espionage and state-sponsored attacks

Pharmaceuticals are prime targets for nation-state-sponsored hackers. They own crucial intellectual property on new drugs representing years of research & millions in investment. Cyber espionage has been recognized as another major motivation for state-sponsored hackers attempting to gain a technological advantage.

With so many pharmaceutical drug trials based in Russia and Ukraine, as well as the manufacturing, data integrity may be compromised even if the facilities appear unharmed. 

We have seen in recent years that North Korean state attackers have targeted pharmaceutical companies in the U.S. We have seen this with the likes of Johnson & Johnson and Novavax. These types of attacks are set to grow over the coming months.

6. Compliance requirements

Pharmaceutical companies are particularly challenged with responding to the ever-changing regulatory environment. This is because non-compliance has a profound effect on cost, reputation, and ultimately the lives of their customers and patients. As regulatory requirements evolve and become more complex, the difficulty of manually achieving network-wide visibility and enforcing the required security controls only increases. The most significant dilemma that pharmaceutical organisations face is the tricky balancing act of driving business innovation and achieving goals while simultaneously mitigating compliance risk.

7. Phishing

Phishing continues to dominate the threat landscape. As this trend continues so too does the organisations’ lack of visibility over their employees. This provides more opportunities and points of entry for cybercriminals to access systems, data and information.

It has never been more important to have the right security measures in place.

Prevention will always be the number one. To take a cybersecurity prevention approach, pharmaceutical companies need to start by instilling a culture in which security is everyone’s responsibility. This includes implementing training programs to educate employees about potential threats and ways to avoid putting the organisation at risk. Furthermore, companies should also implement cybersecurity tools and technologies that identify threats and prevent them from becoming a reality. 

Failure to detect and respond to an attack could be detrimental. Many pharmaceutical companies lack the resources, staff and expertise to effectively implement 24/7 security operations on their own. MDR services add 24/7 threat monitoring, detection and response capabilities to security operations capabilities.

Smarttech247 has a case study for providing SOC services for a global pharmaceutical company. Please submit the form below to request a copy.