Introducing secure print controls for pharmaceutical manufacturers

OpenText Information Management

Government agencies around the world, including the US Food and Drug Administration (FDA), use current Good Manufacturing Practices (cGMP) as the primary way to ensure pharmaceutical quality.

The hidden threats facing your intellectual property

IT Governance

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. One such case occurred when Sinovel, a leading wind-turbine manufacturer, headhunted an employee of AMSC, an energy technology company that owned proprietary wind turbine technology. Cyber Resilience Healthcare Intellectual Property Life Sciences Pharmaceutical

IT 51
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. The post Balikbayan Foxes group spoofs Philippine gov to spread RATs appeared first on Security Affairs.

Why You Need to Tune EDR to Secure Your Environment

eSecurity Planet

This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations can tune their EDR systems to fit their organization and improve security.

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

“I can confirm that Fresenius’ IT security detected a computer virus on company computers,” Kuhn said in a written statement shared with KrebsOnSecurity.

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

Targeted sectors include: Automotive Clothing Conglomerates Electronics Engineering General Trading Company Government Industrial Products Managed Service Providers Manufacturing Pharmaceutical Professional Services.

Security in a World of Physically Capable Computers

Schneier on Security

Security is not a problem the market will solve. The primary reason computers are insecure is that most buyers aren't willing to pay -- in money, features, or time to market -- for security to be built into the products and services they want. We have accepted this tenuous situation because, for a very long time, computer security has mostly been about data. But the nature of how we use computers is changing, and that comes with greater security risks.

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

Victims operate in the Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility. .

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. MainModule can be explained by the gang’s attempts to avoid detection as a result of being in the spotlight of security researchers for some time now.”

Hackers target German Task Force for COVID-19 PPE procurement

Security Affairs

“The remaining half belong to executives at third-party partners, including European and American companies associated with chemical manufacturing, aviation and transport, medical and pharmaceutical manufacturing, finance, oil and gas, and communications.”

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

As of April 28, the site mentioned nine companies primarily from aviation, financial, education and manufacturing industries. The post Connecting the Bots – Hancitor fuels Cuba Ransomware Operations appeared first on Security Affairs.

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. ” reads the security advisory. Citrix blog post: security updates for Citrix SD-WAN WANOP release 10.2.6

US DoJ charged two Chinese hackers working with MSS

Security Affairs

US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide. The post US DoJ charged two Chinese hackers working with MSS appeared first on Security Affairs.

FAIR Data Principles in Life Sciences: A case for Data Intelligence Cloud

Collibra

By adopting FAIR Data Principles, life sciences firms (pharmaceuticals, biotech, medical device manufacturers) can accelerate data sharing, improve data literacy (understanding of data) and increase overall transparency and auditability when working with data.

Illumio Unveils CloudSecure for Zero Trust Segmentation in the Cloud

eSecurity Planet

Illumio today announced the launch of Illumio CloudSecure, an agentless solution designed to support zero trust security in public, hybrid, and multi-cloud environments. ” Securing Multi-Cloud Environments. Further reading: CNAP Platforms: The Next Evolution of Cloud Security.

Cloud 87

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs

According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries. The post Interpol warns that crooks are increasingly targeting hospitals appeared first on Security Affairs.

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

“Zhu and Zhang were members of a hacking group operating in China known within the cyber security community as Advanced Persistent Threat 10 (the APT10 Group).” Both defendants worked for a company in China named Huaying Haitai Science and Technology Development Company (Huaying Haitai) and acted under the direction of Tianjin State Security Bureau, a department of China’s Ministry of State Security.

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

The Security Ledger

Related Stories Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats NotPetya Horror Story Highlights Need for Holistic Security. In this episode of the The Security Ledger podcast (#158): the NotPetya malware outbreak in 2017 raised red flags about the potential for malware to pose systemic risk to insurers: affecting broad swaths of the economy.

Q&A: How AI, digital transformation are shaking up revenue management in high tech, life sciences

The Last Watchdog

based life sciences and high-tech manufacturing companies sheds light on how digital transformation – and the rising role of third-party partners – have combined to create unprecedented operational challenges in the brave new world of digital commerce. Model N’s 2019 State of Revenue Report surveyed CEOs, CMOs and senior sales executives from leading pharmaceutical, medical devices, high-tech manufacturing and semiconductor companies.

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents.

List of data breaches and cyber attacks in May 2021 – 116 million records breached

IT Governance

If you find yourself facing a cyber security disaster, IT Governance is here to help. For the second month in a row, ransomware has dominated our list of data breaches and cyber attacks.

List of data breaches and cyber attacks in November 2020 – 586 million records breached

IT Governance

We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below.

List of data breaches and cyber attacks in October 2020 – 18.4 million records breached

IT Governance

With 117 publicly reported security incidents, October 2020 is the leakiest month we’ve ever recorded. million) Personal data from eatigo accounts accessed in a security incident (2.8

Customer Experience Trends: How To Stand Out From the Crowd

Reltio

Every organization — from mom and pop shops to pharmaceutical manufacturers — must adopt tools and techniques for providing the hyper-personalized experiences customers require at every touchpoint in their journey. .

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”).

CVS Sued for Alleged Privacy Violations

Hunton Privacy

The letters encouraged the physicians to prescribe drugs made by pharmaceutical manufacturers, who paid CVS to send them. The Texas complaint alleged that CVS disclosed PHI to pharmaceutical manufacturers for the manufacturers’ marketing purposes. million to the Department of Health and Human Services (“HHS”) to settle charges that it violated the HIPAA Security Rule by dumping prescription records in dumpsters.

The Applications of Blockchain in Data Management

AIIM

This means it is completely secure, and it cannot be changed. Data Security. Security methods, such as encryption, are useful in the fight against data breaches, but they cannot offer complete protection.

How To Solve The Cybersecurity Skills Shortage

Cyber Info Veritas

Creating alliances with community colleges There are community colleges that offer degrees in IT Networking or IT Security or similar degrees, which serves as a precursor and a great education baseline for understanding the work of a cybersecurity specialist. Sharing My Experience For example, the Pharmaceutical manufacturing company I use to work for had alliances with several community colleges to provide these hands-on experience to these students.

House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes

Hunton Privacy

Permit remote access to PHI so long as the covered entity and researcher maintain “appropriate security and privacy safeguards” and the PHI is “not copied or otherwise retained by the researcher.” Several groups, including the Pharmaceutical Research and Manufacturers of America and the Association of American Medical Colleges, support the 21st Century Cures Act.

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

So there’s a need, a definite need, for information security professionals to have access to industrial control systems -- not virtual, but actual hands on systems -- so they can learn. Right now, you think about shipping a manufacturing company, making widget pallets.

Connected consumer data: Meaningful outcomes for our health and wealth

Reltio

In fact Deloitte’s Life Sciences report for 2020 states that Life Sciences organizations are at an inflection point: “ Data-driven approaches have the potential to create value across manufacturing, the supply chain, and the entire healthcare ecosystem. The experience economy.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

Determining what is medical information and who is a provider of health care under the CMIA have long been complicated assessments for health and life science companies such as pharmaceutical and device manufacturers. For example, entities such as pharmaceutical companies may be subject to CMIA requirements but unable to benefit from the CMIA exemption of the CCPA if they do not fall within the CMIA’s definition of a provider of health care.

China’s First Data Protection Measures Lifting Its Veils

HL Chronicle of Data Protection

On May 28, 2019, the Cyberspace Administration of China (“ CAC “) released the draft Measures on the Administration of Data Security (“ Data Security Measures ” see our in-house English translation here ) for public consultation. The scope of application of the Data Security Measures. The data covered by the Data Security Measures includes personal data and important data. App security certification.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

Determining what is medical information and who is a provider of health care under the CMIA have long been complicated assessments for health and life science companies such as pharmaceutical and device manufacturers. For example, entities such as pharmaceutical companies may be subject to CMIA requirements but unable to benefit from the CMIA exemption of the CCPA if they do not fall within the CMIA’s definition of a provider of health care.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

Determining what is medical information and who is a provider of health care under the CMIA have long been complicated assessments for health and life science companies such as pharmaceutical and device manufacturers. For example, entities such as pharmaceutical companies may be subject to CMIA requirements but unable to benefit from the CMIA exemption of the CCPA if they do not fall within the CMIA’s definition of a provider of health care.

IG: The Whole Is More Than the Sum of Its Parts

Positively RIM

IT, Legal, Records, Privacy, Security, Compliance Finance, Audit and other areas can manage their information alone. Some organizations lack adequate security expertise to counter outside hacking and internal pilfering of proprietary data. This comprehensive, holistic approach improves data use, management, and security across the information stakeholders.

The Hacker Mind Podcast: Hacking Behavioral Biometrics

ForAllSecure

I’m just not convinced that a fingerprint or an image of my face is secure enough. In security we traditionally define the different factors of authentication as something you know, so that could be the username and password, or an answer to a security question.

2019 end-of-year review part 1: January to June

IT Governance

IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Countless office workers were forced to get back to their jobs after Reddit suspended a host of accounts in light of security concerns.