Security breaches are of utmost concern to pharmaceutical and medical devices companies. Due to the value and vulnerability of clinical and patient data, it is extremely critical to protect lab books, product formulae, and drug test data that underlie patents and trade secrets of pharma giants. Given the interconnectivity of data networks and smart devices, gaining access to valuable information and monetizing hard-earned intellectual property has become a lot easier.
With the increased healthcare digitisation of so many related business practices, both the potential for incurring financial/operational losses as well as the need for adaptive cybersecurity is greater than ever before. The 2018 digital healthcare landscape is dynamic while being in a state of uncertainty. Almost two-thirds of pharmaceutical companies worldwide have digital transformation at the crux of their corporate growth strategy, with the most important objectives being a) improving user experience and b) boosting patient engagement. These digital transformations in our ever-changing technological environment give rise to threats we didn't know of in earlier times which pose as the main driver for pharma cybersecurity to be more adaptive and relevant globally.
Today, these are the few challenges in the traditional cybersecurity practice that plagues leading pharma companies:
- Most businesses prioritize their IT systems based on the degree of business criticality and sentinel only those systems with cybersecurity technologies
- A modern enterprise has many disparate IT systems spread across geographies. Monitoring the health and security of these systems, even in a highly integrated environment, is massively challenging
- The question that remains unanswered is – How do we not let cybercrime happen at all? Currently, cybersecurity is reactive. It helps in alerting IT staff about data phishing, ID theft, malicious applications, and illicit activities. So, cybersecurity is currently more of a catalyst for disaster management and mitigation.
The rise of AI-based Cybersecurity Systems: Key Drivers
According to a market research report "Artificial Intelligence in Cybersecurity Market” by MarketsandMarkets, AI in cybersecurity market is estimated to be valued at USD 3.92 billion in 2017 and is likely to reach USD 34.81 billion by 2025 at a CAGR of 31.38%. With the increase in cyberattacks on the pharma industry, companies are looking to deploy cutting-edge security technologies like AI as part of their security solutions.
Demand for cloud-based security solutions in pharma companies is on the rise and it is a centralized way to secure all the networks and applications across different sites of the company. As more and more applications are being deployed on cloud/migrated to cloud, the pharma industry is experiencing a shift from on-premise cybersecurity solutions to cloud-based security solutions across organizations. The increasing use of cloud-based security solutions will provide a growth opportunity for AI cybersecurity solutions.
The preeminent advantage of using AI in security systems is its intrinsic ability to be scaled and, therefore, establishes an assured efficiency that cannot be achieved through labor-intensive systems operating in isolation. Pharmaceutical organizations face millions of threats each day, making it impossible for a security researcher to analyze and categorize them. AI/ML can simplify the process of identifying and responding to security threats. Nonetheless, advanced algorithms require human interference to learn from, since we are better equipped to look beyond a simple anomaly that a machine could pick up and put it in a different context and decide to ignore it as a security threat. It is yet to be thoroughly tested in practice, but in theory, the use of AI in security systems would result in a more measured approach to security and hence result in a more accurate solution/prediction. AI has another advantage since it can simultaneously undertake multiple tasks, monitor, and protect a huge number of disparate systems and medical devices. This, in turn, will diminish cyberattacks at a large scale in a manner that our traditional cybersecurity systems cannot scale up to.
AI will transform the pharmaceutical industry by creating more intelligent medical devices which can be trained to be wary of potential threats/attacks based on historical data. With the entry of digital transformation, enterprise security is becoming critical. Although the pharmaceutical sector is far behind in implementing cybersecurity, the ubiquity of data exchange is forcing companies to look for partners that can provide integrated security operations, Big Data analytics, and AI to mitigate malicious behavior.
AI-enabled cybersecurity solutions on the market:
- IBM researchers have already started feeding Watson with all sorts of computer security data sourced from its open access threat intelligence platform, called X-Force Exchange. It is believed that the load of information on security vulnerabilities, malware, and spam messages will make the system an expert assistant and an advisor to security analysts. IBM relies on Watson to reduce the rate of false positives that crop up in corporate security operations and also help address the paucity of cybersecurity talent in the industry
- Darktrace is the world’s leading machine learning company for cybersecurity created by mathematicians from the University of Cambridge. Darktrace’s Enterprise Immune System uses AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes
- Paladion is changing the game for managed security – from a slow, reactive, and faceless service to a high-speed and high-touch cyber defense partner. They leverage AI in managed detection and response service to provide high-speed cyber defense.
AI-powered cybersecurity systems will not be replacing humans, but empowering them in order to survive the sophisticated and increasingly intelligent attacks. In order to get the most out of AI in cybersecurity, the pharma industry needs to recognize what machines/devices do best and what people do best. Advances in AI can provide new tools for threat hunters, helping them protect new devices and networks even before a threat is classified by a human researcher. The FDA has been wrestling with regulations of rapidly advancing AI-enabled systems/tools for which they are turning to pharma stakeholders for guidance. In one of the recent guidance documents, the agency has shown willingness to be flexible. This period of transition serves as a great opportunity to engage FDA in order to shape the future of AI-enabled security systems to better handle new generations of malware and cybersecurity attacks.