With the increased focus on digital transformation, pharma companies in India are prioritising data security, finds a Deloitte Touche Tohmatsu India (Deloitte India) and Data Security Council of India (DSCI) report. The report further says ransomware attacks and IP and data theft were the top cybersecurity concerns for the sector, both in India and globally. 

DSCI and Deloitte conducted more than 25 expert discussions between August 2021 and March 2022, where leading pharma companies and industry experts, both global and in India, shared their views on the pulse of the sector and the rising focus on cybersecurity.

As part of the cybersecurity strategy, along with data protection and resilience, identity and access management, OT security, offensive security capabilities, and better threat detection and response are some focus areas for pharma companies in India. Furthermore, 70 per cent of the leading pharma companies highlighted their focus on a zero-trust approach with the need for a clear roadmap over the next two years, around network, data, and access.

The report lists certain cybersecurity considerations for pharma companies. It includes better cyber preparedness, cyber due diligence in M&As, along with having cyber insurance. Apart from a zero-trust approach, adopting a security-by-design, resilient-by-design, and safety-by-design approach has also been recommended. Strengthening the supply chain and OT security, enhancing monitoring and awareness, and empowering CISO to effectively manage cyber risks across functions are also some considerations for pharma companies in India.