Here are a few rather significant numbers just recently published by the PharmaTimes that CSOs and CISOs at pharma companies should take note of:
- 277 days– the average time it takes for pharma companies to identify and contain a data breach
- $5 million – the average cost of a data breach at a pharma company in 2021
- $135 million – the cost of lost sales directly attributed to a cyber-attack that “temporarily” shut down a global pharma company’s production in 2017
- 2 – the number of CSO and CISO titles responsible to defend, protect and prevent threats from hundreds if not thousands of different software programs, IoT systems/products, and individuals impacting sales and operations
We’re not gambling sort of folks, but it’s safe to say that the oddsmakers in Las Vegas would surely not be hedging their bets on CSOs and CISOs at pharma facilities.
While many insider threats are unintentional, others are not, driven by motives to steal valuable information, or for politically motivated reasons to discredit your organization. The rationale for such attacks is really irrelevant as the consequences and outcomes are typically the same. Manually tracking all possible sources of physical and cyber breaches is all but an impossible task. To further compound this challenge, many high-profile cyber-attacks result from an individual gaining direct physical access to a server, thru access phishing attempts to employees, or by gaining unauthorized network access by compromising a physical security device connected to the IP network.
Detecting potential and active insider threats have been a longstanding challenge with traditional physical access control systems (PACS) and related security solutions that are limited in their ability to monitor potentially threatening activities. Examples include sharing or replicating physical access credentials; tailgating and piggybacking to gain entry to facilities and secured areas like data centers; policing and preventing unauthorized remote access requests; flagging frequent unauthorized access denials; and numerous other basic activities that indicate something is amiss.
Vector Flow can swing the odds in your favor by automating the ability to identify and mitigate insider threats to pharma operations.
Our Physical Security Threat Intelligence Solution bridges the gap between physical and cyber security, utilizing AI and machine learning to proactively identify insider threats, physical site risks, card anomalies, and physical security endpoint risks. A fully automated solution, our innovative platform continuously applies intelligent algorithms, correlating several data vectors and rules in real-time to detect and alleviate risks, alerting management when irregularities are detected.
Insights on potential or active threats are visualized using our ID Risk Dashboard. Data can be viewed on a per-user, device, or facility-level basis, along with recommendations for remedial action. The ID Risk Dashboard uses simple visuals to depict key risk indicators and highlights which controls are working and which are redundant. It also serves as a common platform to share KPIs and risk analysis across departments, improving collaboration between physical and cyber security teams.
Now look at these numbers that a Global Company is achieving with Vector Flow’s Physical Security Threat Intelligence Solution:
- 19,000 false alarms were eliminated by optimizing 427 devices
- 3 Months of FTE gained by eliminating 19,000 false alarms saving on average 7 minutes/alarm response
- 300% increase in badge swipes across all sites with minimal false alarms
- Reduction from 200 to 7 false alarms at a single entry point that required undetected device optimization
Vector Flow’s Physical Security Threat Intelligence Solution is already field-proven with major global users. Almost immediately upon installation, this single out-of-the-box solution is actively helping myriad customers uncover compromised access credentials, doors, and IoT devices, as well as tailgating incidents from non-employees, devices with default passwords or expired certificates, and open ports. A truly proactive solution with fast and accurate identification of risky users’ access patterns and devices that pose insider threats, Vector Flow’s Physical Security Threat Intelligence Solution helps CSOs and CISOs stay ahead of the security curve.
Shift the odds in your favor, contact Vector Flow today to discuss how we can help you remedy the risks associated with insider threats across all your pharma operations, or register for an upcoming webinar on our innovative Insider Threat Detector solutions.