Hogan Lovells Publications | Life Sciences and Health Care Videos | 2 June 2016

Life Sciences Firms Found Particularly Vulnerable to Cyber Attack

While many of the year’s most highly publicized data breaches have involved high-profile consumer brands like T-Mobile, Target, and Uber, thousands of other companies are targeted each year.

Health care isn’t immune – Anthem, Premera Blue Cross, and UCLA Health have all had to contend with recent cyber attacks.

Marcy Wilder, global co-chair of Hogan Lovells’ Privacy and Cyber Security Group, says the life sciences sector is particularly vulnerable to cyber attack and recommends that firms consider five key factors when developing a security strategy.

1. Know you are a high-value target

“Life sciences firms hold an ever increasing amount of data, from drug formulas and device specifications to patient records drawn from clinical trials,” Wilder says. “At the same time, the sector as a whole continues moving toward digital platforms. That combination makes these companies particularly attractive – and vulnerable.”

2. Understand the risks

“It used to be that when life science companies thought about data security, they were concerned primarily with compliance and its related legal obligations,” Wilder says. “But with the rise of very high profile cyber attacks, firms must now think about how to manage the crisis, how to take care of people who have been affected, and how to manage potential lawsuits and public relations fallout. It demands a more comprehensive approach.”

3. Plan, and then practice

“The value of a tabletop exercise when it comes to cyber security preparedness cannot be overstated,” Wilder says. “Get the right people in the room – that means leadership, communications, lawyers, customer service, and IT – and make sure they know exactly what their job will be in the event of an attack.”

4. Stay current

“In an area evolving as rapidly as this one, it is crucial to be up-to-date on best practices and trends,” she says. “Companies should be sure that they are working with firms that possess proven leadership in both cyber security and life sciences. They need a partner that truly knows the field, and is committed to communication and collaboration.”

5. Build relationships early

“The takeaway is to prepare, to practice, to build a relationship with a law firm with deep expertise in life sciences, one able to say it’s been through it,” Wilder advises. “You do not want to be speed dating law firms when you’re in the middle of a crisis.”

For the latest on privacy and cybersecurity updates, subscribe to Hogan Lovells’ blog, Chronicle of Data Protection

Download PDF Back To Listing