Employees are at the front line of cyber attacks

By Sreeji Gopinathan, CIO, Lupin Limited.

Employees equipped with the ability to make the right decisions today, can help build a safer tomorrow for their firms

With the pandemic ushering in disruptive changes across the business landscape, a cure for virus has been in the limelight. As pharma firms worked on developing and producing drugs and vaccines to address COVID-19, their efforts also attracted the interest of global hackers.

There has been a significant uptick in the number of attacks on players involved in the fight against COVID-19 from hospitals, health departments, government agencies to vaccine makers and pharma companies.

Attackers have been attempting theft of intellectual property related to COVID-19 and provide a competitive advantage to their potential buyers for financial gains. Since India has emerged as a global leader in the world’s vaccine production efforts, Indian organizations have been in the cross hairs of the attackers hoping to extract medical research, clinical trials or vaccine production related data.

From priorities to vulnerabilitie
While confidentiality and availability are two important elements of cyber security, data integrity remains the most critical. Data Integrity is a fundamental for ensuring the quality and safety of drugs. It is also major global concern for health authorities and the pharma companies. With more employees working remotely, it is important for all pharma companies to ensure that their electronic records are trustworthy and reliable across the entire data lifecycle and even for long-term archival.

Cybersecurity strategies in the pharma industry were primarily driven by compliance requirements. Firms handle a huge amount of patient and healthcare data and as more information gets digitised, companies tend to become a target for cyber criminals who are on the lookout to exploit any weaknesses in the defences. Cyber-attacks have become more sophisticated, subtle and have even more devastating consequences.

While integrated networks leading to complexity, outdated legacy systems and insider threats are conventional areas of concern, with the adoption of cloud, IoT and remote working the surface area for digital attacks have expanded significantly.

How cyber-attacks can be prevented
More than ever before there exists the need to protect technical processes from human error and digital threats. As companies adapt to remote workforces, their cybersecurity teams need to address the new potential risks that come with it. In order to prevent cyber-attacks from taking place, companies need to ensure strict procedures and protocols are in place. An integrated security operation is the need of the hour. It includes data classification, access controls, proactive approach, continuous rigorous monitoring & alerts using analytics, command and control reactive approach, DR & BCP testing on a regular basis and so on. These procedures can be audited to assess the level of risk to IT systems, information and patient data safety in order to ensure data accuracy and consistency in the data lifecycle.

Employees are now the first line of defence for cyber-attacks
At any organisation, employees are the first line of defence for Cyber-attacks. Organizations can have the best technologies to fend off cyber criminals but one wrong click by an employee on a malicious email can make the entire network vulnerable to a cyber-attack. Hence, it is imperative for companies to sensitize their workforce on cyber security and equip them with the right knowledge and training.

CIOs and other IT leaders should prioritize regular training sessions and even mock tests to keep employees updated. A trained workforce would be able to dismiss threats such as phishing, social engineering, email impersonations etc. They can be expected to exercise adequate caution, raise red flags if required and also follow a response mechanism in case of a cyber-security incident. This would in-turn address most critical security threats, help identify vulnerabilities and protect data across the entire digital spectrum, whether in networked, multi-cloud or edge computing environments.

A safer tomorrow
A strong foundation needs to be built to ensure that pharma companies can mitigate, address and altogether be on constant vigil to deal with the risks posed in current scenario. Besides automation and other cybersecurity tools, an organization wide security-first mindset and a trained workforce are critical. Visibility to make the right decisions today, can help shape a brighter and safer tomorrow.

“This article was first published on June 17, 2021 in ETCIO”

Cookie	Duration	Description
ARRAffinity		This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Other".
cookielawinfo-checkbox-performance	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_139647988_1	1 minute	These cookies are set by Google Analytics which is a simple tool that helps us measure how users interact with our website. As a user navigates between web pages, Google Analytics records information about the page a user has visited, for example the URL of the page. The cookies themselves are used to 'remember' what a user has done on previous pages and interactions with our website.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Cookie	Duration	Description
ARRAffinitySameSite	session	No description
CONSENT	16 years 8 months 10 days 5 hours	No description

Employees are at the front line of cyber attacks

Related Posts

Cart