Data breaches and other forms of modern, large-scale cybernetics have been making headlines for more than a decade, but more recently, organizations seem to be doing more than their fair share in the life sciences and healthcare industry. ۔ As it turns out, this doesn’t seem to be the case – it’s actually happening according to Verizon’s 2017 Data Breach Investigation Report, which states that 15% of these attacks are health-related.
We don’t have to go back in time for a good example of one of these attacks on a healthcare or pharma organization. On June 27, 2017, Merck, one of the world’s largest pharma companies, and 2,000 other companies were infected with ransomware called Petia, which infected employees’ computers in 65 countries. And left a ransom note demanding payment of bitcoins to decrypt the affected files. . Weeks later, the pharma giant is trying to get their infrastructure back on track.
Therefore, before a company like Merck – or any company for that matter – can take practical steps to prevent further cybertech, it is important to consider why the attack took place in the first place. With that in mind, let’s explore a few of the statements that can be made in the process of becoming a cybersecurity target.
Four statements that can explain
A decade ago, cybersecurity ensured that the corporate IT system was closed to outsiders in order to protect it. However, in the last five years, remote work has become more and more common and a high percentage of employees working outside the frame, accessing sensitive data through cloud and unsecured systems and often all this mobile The device does. As a result, the entire enterprise has become fundamentally weaker, making it difficult to determine where its sphere ends and the outside world begins.
Healthcare and life sciences companies have long been slow to innovate when it comes to digital, and that cannot be helped by the fact that technology is not their core business. In fact, as other industries have had to adopt new business models to increase their revenue, resulting in disproportionate investments in technology in general, the healthcare and life sciences are slightly behind the digitization curve. Are left
Many organizations do not choose to be slow to innovate. Instead, it is for compliance reasons, such as in an environment where a business has to choose between meeting the latest standards and a new technology. In this case, the company may remain in business without the new software component, but not without meeting regulatory standards. In fact, compliance has long been a burden on the CIO agenda.
Finally, considering the above story about the growing threshold and how Merck’s cybertech on Merck affected so many employees, it’s worth noting that companies making headlines for data breaches are small. Or not moderate. Instead, hackers pursue the largest and most lucrative targets in terms of expansion – companies with the highest number of companies, locations and potential entry points.
Plan for what’s next
Given the scale and scope of the data breach against Merck, it’s hard not to start asking questions. What if they implemented better or more security controls sooner? What if they run a mix of Wanda and iOS to stop the virus that attacks Wanda, Vankri and Petia? What if the virus enters the entire enterprise before it can detect the virus?
It will always be the same, but with so many potential access points for data breaches, it’s almost impossible to be 100 unc uncompromising, especially when you comply with security and development and revenue. Trying to balance.
It’s not easy, but it’s worth your time to not only plan to improve your cybersecurity, but also to plan if your company becomes a victim of cybersecurity. How to answer it. The best way to get started is to assume that you have already compromised, or that you will be compromised tomorrow, and then find a partner who can help you. The faster you prioritize cybersecurity, the better.