Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical...
Transcript of Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical...
![Page 1: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/1.jpg)
Cyber Security for Pharma and Medical Device Companies
Thomas G.A. Brown, JDManaging Director, Global Practice Leader – Cyber Security & Investigations, Berkeley Research Group; Former AUSA, U.S. Attorney’s Office for the Southern District of New York; New York, NY
Justin Herring, JDAssistant United States Attorney, United States Attorney’s Office, District of New Jersey, US Department of Justice, Newark, NJ
William J. Hughes, Jr., JD, LLMPrincipal, Porzio, Bromberg & Newman, PC; Assistant US Attorney and Trial Attorney, US Department of Justice, Morristown, NJ (Moderator)
1
![Page 2: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/2.jpg)
2017 Data Breaches
2
![Page 3: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/3.jpg)
2017 Data Breaches
3
![Page 4: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/4.jpg)
2017 Data Breaches
4
![Page 5: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/5.jpg)
2017 Data Breaches
5
![Page 6: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/6.jpg)
2017 Data Breaches
6
Sept. 7, 2017
![Page 7: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/7.jpg)
Number Of Records Exposed From Reported Data Breaches in 2016
4,149 Reported Data Breaches
4.2 Billion Records
MySpace & Yahoo Data Breaches Accounted for 2.2 Billion Records Compromised
Source: Risk Based Security, 2016 Year End Data Breach Quick View Report.
7
![Page 8: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/8.jpg)
2016 Cost of a Data Breach?
Average Consolidated Cost: $4.0 Million
Cost Per Breached Record: $158
Source: Ponemon Institute, 2016 Cost of a Data Breach Study.
8
![Page 9: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/9.jpg)
What are the Sources of Data Breaches
9
Source: Risk Based Security, 2016 Year End Data Breach Quick View Report.
![Page 10: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/10.jpg)
Who is Behind the Breach?
State Actors• China• Iran• North Korea• Russia
Organized Fraud Gangs for Profit• Eastern Europe/Russia• Nigeria• ISIS/Terrorist-Based Organizations
Individual Free-Lance Hackers for Profit (Guccifer)Loosely Organized Ideology-Based Teams (Anonymous/Hacktivists)Miscellaneous Anarchists
10
![Page 11: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/11.jpg)
Data Breach Scenario: Multinational Life Sciences Company
Life Sciences Company:• Subsidiaries in Europe, South America and Asia
Computer Servers and Individual Laptops Connected to Servers• PII of Employees: SSN, Payroll, Bank Account• PII of Patients Involved in Studies• Vendor/Partner/Customer Financial Information (Bank
Accounts, Financials, FCPA Due Diligence)• Health Records of Patients Involved In Studies• Confidential Market/Strategy Information and Documents• Intellectual Property
11
![Page 12: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/12.jpg)
Data Breach Scenario: The Virus
Phishing Incident• Employee E-Mail in Europe• Infection Spreads to US
Wannacry/EternalBlue Type Virus• Computer Uploads DoublePulsar Type Virus• Hackers Gain Administrator Status• Individual Computers Frozen with Ransom Demand• Hackers Start to Mine information from Servers/Computers• Files Transferred to Hackers
12
![Page 13: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/13.jpg)
13
![Page 14: Cyber Security for Pharma and Medical Device Companies · Cyber Security for Pharma and Medical Device Companies Thomas G.A . Brown, JD Managing Director, Global Practice Leader –](https://reader036.fdocuments.in/reader036/viewer/2022062605/5fc97c38bafc1538495bdb3a/html5/thumbnails/14.jpg)
14