Risk management and insider risks within the life sciences industry were analyzed in a recent report by Code42 Software. The study found that life sciences companies, including medical device manufacturers, biotech and pharmaceutical companies, are experiencing increasing rates of insider-driven data loss events. Faced with this growing threat, life sciences leaders are prioritizing modern data loss prevention strategies, which are proving effective.

Though data loss from insiders, or insider risk, is pervasive across all industries, it is uniquely damaging for companies in the life sciences sector. These companies handle a wealth of sensitive information, such as patient data, product designs, formulations, trial results and manufacturing details. Safeguarding sensitive data from unauthorized access is vital to maintain a competitive edge and ensure uninterrupted business operations. Failing to do so results in expensive litigation processes and reputational damage.

Compared to other industries, there are fewer recorded insider incidents in the life sciences sector. Businesses in this sector suffer an average of 20 incidents per month, lower than other industries such as business and professional services (38 events per month) and energy, oil and gas (28 events per month).

However, nearly 70% of life sciences respondents have seen an increase in data loss incidents caused by insiders over the past year, and they expect to see even more incidents in the coming 12 months. CISOs of the life sciences industry comprehend the pressing nature of this issue, with nearly 4 out of 5 (78%) stating that they have a program dedicated to insider risk or threats.

About half (48%) of respondents say that the leadership team places enough attention on data loss from insiders. Of the 22% of respondents that do not have a program dedicated to insider risk, 80% say that their company plans to implement a program in the next 12 months. Sixty-nine percent of respondents expect their company’s budget for IRM to increase over the next year and data loss from insiders ranked as a top challenge.

In ranking the data security challenges they are most concerned about when protecting against data loss from insiders, life sciences respondents identified the following:

  • Corporate espionage
  • Visibility of data in cloud apps
  • Password-related risks
  • Security awareness needs improvement despite frequent employee training

Although 60% of life science companies conduct data security training on a routine basis (weekly or monthly), most survey respondents (86%) feel that improvements are needed in data security training at their company.

Read the full report here.