In 2013, Target Corporation suffered a massive data breach, compromising the personal and financial information of 110 million customers. The breach was traced back to malware introduced through a third-party vendor, underscoring the critical need for businesses such as those in life science and other technology industries to secure not only internal systems but also those of third-party partners.
Business owners must prioritize managing third-party risks, educating employees on recognizing phishing attempts and developing strong incident response plans. Implementing data encryption and ensuring all systems are up to date are essential first steps. Crowley Law LLC can help life sciences and other technology companies by providing legal guidance on compliance, drafting contracts to protect sensitive data and offering support during cyber incidents to ensure businesses are prepared and protected.
The tech industry is often ground zero for cyberattacks, primarily because of the volume of sensitive data that companies and their third-party vendors process and store. This susceptibility has led to multiple significant cyberattacks in recent years. For example, in 2021, hackers leveraged four distinct zero-day vulnerabilities to compromise approximately 60,000 Microsoft accounts globally.
Similarly, life sciences companies are prime targets due to the value of their intellectual property (“IP”) and health data, as well as the substantial profits generated by the global life sciences sector. The frequency and scale of attacks have risen with the increasing adoption of digital technologies.
In early 2024, the pharmaceutical company Cencora experienced a data breach that resulted in further attacks on eleven of its partner corporations, including Bayer, Novartis Pharmaceuticals, Incyte and Genentech Inc. Even more alarming is the fact that in the first half of 2024, life science and other technology companies saw a 180% increase in data breaches.
Below are some notable threats to be aware of:
An advanced persistent threat (APT) is a prolonged and targeted attack in which attackers infiltrate a network over time in multiple stages, often to avoid detection. These attacks can last for months or years, allowing the attacker to establish a foothold in the system and exfiltrate data without being detected.
A DDoS attack overwhelms a server or network with an excessive amount of requests, leading to downtime and impairing key operations. This is often done to disrupt business activities or target vulnerable organizations.
In a zero-day attack, cybercriminals exploit previously unknown vulnerabilities in software or systems before developers or security teams can address them. These attacks are particularly dangerous because they can go undetected for long periods, leaving systems open to significant harm.
SQL injection attacks involve inserting malicious SQL code into input fields on websites or applications, allowing attackers to access and manipulate databases, often gaining unauthorized access to sensitive data.
Ransomware attacks involve malicious software that locks or encrypts a victim’s system, demanding a ransom in exchange for restoring access. This has become one of the fastest-growing and most disruptive types of cyberattacks.
Phishing is a type of social engineering attack where an attacker impersonates a legitimate entity, often through email or websites, to trick individuals into revealing sensitive information such as login credentials, credit card numbers or personal data.
Password attacks can be brute-force, where attackers systematically guess passwords, or dictionary-based, where software tries commonly used passwords. Attackers may also use keylogging techniques to capture keystrokes and obtain passwords.
In a man-in-the-middle attack, the attacker intercepts and potentially alters communications between two parties who believe they are communicating directly with each other. This can compromise sensitive information exchanged in the process.
Malware is malicious software introduced into a system with the intent to cause damage, steal data or gain unauthorized access. Types of malware include viruses, worms, trojans, ransomware and spyware.
An insider attack occurs when an individual within the organization—such as an employee, contractor or business partner—either intentionally or accidentally exploits their access to sensitive systems, data or infrastructure, often leading to security breaches.
According to the National Institute of Standards and Technology (“NIST”), cybersecurity practices can be classified into five “Core Functions”: Identify, Protect, Detect, Respond and Recover.
Identify: Cybersecurity begins with comprehensively identifying your digital assets, including sensitive data, hardware, software and network resources. Understanding your unique cyber terrain is the first step toward adequate protection.
Protect: You must adequately shield the identified assets using robust cybersecurity measures, including access controls, data encryption and staff education on security best practices.
Detect: Cybersecurity requires implementing mechanisms to monitor your digital environment for any suspicious activity. This allows timely responses to potential threats and security breaches before they escalate.
Respond: A swift and coordinated response is critical to minimize damage from successful attacks. You need an incident response plan that details the steps to be taken, and you must ensure that all relevant stakeholders are aware of their roles and responsibilities.
Recover: Post-incident, the focus shifts to recovery to ensure business continuity. You should restore affected systems, assess the incident’s impact and implement remedies to prevent a recurrence.
Understanding these core functions will help you contextualize the potential threats relating to cybersecurity and implement appropriate security measures.
Securing your organization means more than simply paying for antivirus software or activating a firewall. You must implement comprehensive measures to significantly reduce your exposure to cybersecurity issues. Here are a few first steps that you can use to kickstart your journey toward a fortified digital fortress:
Outdated software and systems often harbor vulnerabilities that can be exploited for various attacks. To avoid potential attacks, ensure all systems and applications are regularly updated with the latest security patches.
Implement multi-factor authentication (MFA) to provide an added layer of security, significantly reducing the risk of unauthorized entry. Two-factor authentication is often adequate and user-friendly.
Educate employees about security best practices. This will foster a culture of vigilance, ensuring everyone understands their role in maintaining a secure environment.
Encrypt important company data both in transit and at rest. This ensures that even if intercepted, the information remains indecipherable to unauthorized parties.
Establish a routine for regularly backing up important data, such as client information. In the event of a cyber incident, having up-to-date backups can be the difference between swift recovery and prolonged downtime.
Set a policy requiring employees to use strong passwords for their accounts and devices. A strong password should be at least 15 characters long and contain a combination of letters, numbers and special characters. You should also use a password manager to store all passwords, security question answers and other personally identifiable information in one encrypted location.
The listed cybersecurity best practices are simply initial steps in setting up a cybersecurity posture. More elaborate and extensive measures are needed for risk assessment and ensuring device and network security. Crowley Law LLC is ready to be your legal partner as you seek to improve your cybersecurity posture. Our pertinent services include:
We help life sciences and other technology companies navigate complex regulatory landscapes by assessing their current cybersecurity measures and ensuring compliance with applicable data protection laws, such as HIPAA, for health-related startups.
We assist in drafting and reviewing contracts with vendors, service providers and other third parties, safeguarding sensitive information and outlining liability in case of a breach.
In the event of a cyberattack, we can provide legal support for breach response, helping clients manage their obligations, such as notifying affected parties and regulators.
Two-factor authentication is a security mechanism that requires two different forms of verification to confirm a user’s identity when accessing an account or system. The first factor is often something you know (a password or PIN), while the second factor can be something you have (a device or security key) or something you are (biometric data).
Cybersecurity protects your business by safeguarding your critical assets, sensitive data and overall operations from cyber threats such as hacking, data breaches and ransomware attacks. Additional benefits include: