In a cyber-threatened world where a single keystroke can mean the difference between data security and certain disaster, the life sciences sector is in particular peril. Although Big Data analytics for data-driven fields like genomics have been championed for bringing about advances in drug discovery and patient care, the deluge of Big Data — including Personally Identifiable Information (PII), Personal Health Information (PHI), and intellectual property — as well as the ease of data sharing means it’s also easier for corporate adversaries to steal sensitive data or use data technologies to inflict harm.
To further complicate matters, the highly sensitive information that life sciences companies manage must be protected while also complying with industry regulations, privacy requirements and state and international laws. This Big Data is often scattered across a multitude of systems, devices and apps, all with their own security protocols and all with the potential to be hacked or otherwise breached.
The risks associated with such sensitive data are an emerging concern for CXOs at every level of management, including CFOs. There is a growing understanding that securing Big Data within the life sciences requires vigilance not for one day or one month, but on a constant and consistent basis. Security breaches can happen anytime, anywhere, and can cost companies billions in fines or loss of assets (not to mention the loss of C-suite careers). For CFOs, the potential loss of trust and harm to a business’s reputation and its stock prices is a risk not worth taking. Even worse, chinks in the life sciences security armor can also have national and transnational repercussions of unimaginable magnitude, ranging from from cyber intrusion to IP theft to the potential development of biological weapons.
Yet to be successfully implemented, data security measures must not compromise a company’s capacity for operating in a globalized economy. On the contrary, an agile, comprehensive approach to data security will actually improve a life sciences company’s ability to navigate health-care reform, deliver innovative, in-demand products, optimize supply chain and comply with regulatory change.
The first line of defense for data security in the life sciences exists at the application level, which represents a growing source of Big Data. Data is now aggregated, collected and sourced by everything from phone apps to pacemakers, which ultimately requires the integration and analysis of multiple datasets that are constantly changing. Specifically in the life sciences, datasets include raw data or heterogeneous data from a multitude of sources, including the health-care system, pharmaceutical industry, the -omics fields (genomics, proteomics, metabolomics, etc) and even agricultural and environmental initiatives.
Unfortunately, the security of these applications and devices is not guaranteed. Data-sharing protections such as encryption, access-control technologies and digital certificates are not always standardized across-the-board and provide increased opportunities for hackers to exploit or steal valuable or sensitive data for financial advantage or to inflict harm.
The life sciences sector must also address security concerns across the service level, primarily in terms of supply chain. Although sharing information with suppliers is crucial, it also presents countless opportunities for data to be stolen, misused or otherwise compromised. According to a 2013 report from the Information Security Forum, 40 percent of the data-security breaches experienced by organizations arise from attacks on their suppliers.
Too many companies, however, fail to properly define risks to data security, especially when the supply chain is extensive. The risk might be understood and managed internally, but when the number of suppliers reaches into the hundreds or even thousands, securing data can become monumentally complex — and expensive. Yet failing to tackle supply chain security can mean the end for businesses that depend on secrecy to remain competitive. Among pharmaceutical companies, for example, the theft of intellectual property in the form of a new drug formula or other trade secrets is a constant looming threat to a company’s relevance and bottom line, and cyber-espionage can happen at any point along the supply chain, even by company insiders.
At the transactional level, life science companies must ensure that their daily transactions — the raw material of business intelligence — do not become the raw material for a cyberattack. Transactional data may come from interactions with customers, management of employees, running of operation or administration of finance, and for the life sciences sector in particular, can represent information of extreme sensitivity. The security of the databases used to record these transactions is therefore of paramount importance, and yet often these databases are distributed throughout the globe and subject to varying degrees of security regulation.
Also important for data security within the life sciences is an understanding of threats at the level of infrastructure. More and more, companies are discovering the importance of ensuring proven security capabilities of all components of their data architectures prior to selection and integration. Changing government regulations for data security, however, make it increasingly difficult to store, manage and protect irreplaceable scientific and patient data while still retaining access to core scientific information, maintaining interoperability and scaling operational infrastructure as needed.
Leveraging the years of learning that security experts have already accomplished in other sectors is critical to the success of life sciences companies who seek to secure their own systems. RoundWorld Solutions’ Big Data 360-degree Tool is designed to provide a detailed look, from the top down, at your firm’s data landscape to create an effective, robust and holistic big data management strategy.
We can help you make mobile access more secure without unduly limiting its usefulness, create a dashboard view of constantly shifting active cybersecurity threats, and help you build an enterprise-wide view of who has access to what within the supply chain. We will work with you to enable the real-time visibility you need to effectively manage your data, mitigate risk and remain globally competitive.
or contact us directly today.
This article was provided by:
Public Information Officer