image courtesy pixabay.com
As the Indian pharmaceutical industry embraces digital transformation, experts argue for bolstered cybersecurity measures to protect against rising threats. Pritam Shah, the global practice head for OT Security at Inspira Enterprise—a leading cybersecurity and digital transformation services provider—emphasized the critical need for integrating Operational Technology (OT) and IT security.
Cybersecurity Challenges in the Pharmaceutical Sector
Pharmaceutical companies, which store sensitive data like patient information, clinical study results, proprietary drug formulas, and cutting-edge technologies, are becoming lucrative targets for cybercriminals, as evidenced by recent cyberattacks on Sun Pharma and Granules India. Shah noted that These attacks compromise public health and pose a national security risk.
The Convergence of IT and OT Security
Originally, Operational Technology systems in the pharmaceutical sector were designed without robust security features, relying instead on physical separation or “air gaps.” However, modern advancements have merged the realms of IT and OT, offering benefits like increased efficiency and quicker time-to-market at the cost of heightened security risks. Among the challenges are the convergence of IT and OT systems and the vulnerabilities of legacy OT systems, Shah explained.
Key Challenges in IT/OT Convergence
Shah calls for a comprehensive defense strategy that bridges IT and OT security to counter these emerging threats. Due to the typically isolated nature of OT assets, it’s imperative to have dedicated OT/IoT security personnel for each manufacturing facility. Encouraging collaboration and clearly delineating roles between IT and OT departments is crucial.
Shah also stressed the importance of staff training in cybersecurity best practices, risk identification, and general guidelines for those with access to Operational Technology or IoT systems. Such training should be cross-disciplinary to include both IT and OT staff, offering them a well-rounded understanding of the risks involved in IT/OT convergence.
He added that teams must stay abreast of new technological challenges and associated risks by implementing security controls and complying with emerging regulations. Current IT security solutions often fail to recognize IoT devices due to a limited understanding of OT protocols, which are themselves based on hundreds of non-standard procedures. Shah recommends using centralized dashboards for better asset visibility and continuous monitoring across both IT and OT networks.
Once such visibility is in place, understanding the communications between IT and OT is critical for safeguarding against disruptions. Monitoring network parameters, protocols, access points, and connections is essential for detecting abnormal activities.
Safeguarding the Future of the Pharmaceutical Industry
Lastly, Shah emphasized that once you have deployed an Intrusion Detection System (IDS) for OT assets, it is vital to continually monitor any alerts for swift remedial action. Services such as managed monitoring and remediation, incident response, vulnerability management, and threat intelligence are pivotal in ensuring that OT systems are fortified against cyber threats.
News Courtesy: PharmaBiz.Com