Article July 16, 2019

Cyber for life science: Three key takeaways

In a recent webinar hosted by CFC, Sean Burke and Hannah Maher explored cyber risk's impact on life science firms. Here's what we learned.

Whether you're an organization involved in the drug discovery process, the manufacture of medical devices or the retail of products online, cyber insurance should be on your radar as both an important risk transfer tool as well as a tool to help you manage incidents when they do happen. 

Find out more about how cyber risk affects the life science industry in this recap of our recent webinar on the topic. 


  1. Digitization is powerful and important, but it's not risk-free The conversion from physical reporting to digital reporting has had a huge and important impact on the efficiency of the life science industry, from reducing costs and errors to helping companies bring things to market faster. But this transition doesn't come without risk. For example, in a survey done about the benefits of mHealth, respondents found that it improved data quality and patient engagement, but security was the biggest concern.
  2. Life science companies are missing business-critical cover by not buying cyber Life science companies value cash flow, their tangible (physical) and intangible (data) assets, reputation, and business continuity. While property insurance goes some way in protecting businesses from the loss of these things, it does not come close to full protection. Funds transfer fraud, theft or loss of data, breaches of privacy and system downtime are all risks left uncovered by traditional policies, but are all covered under a good cyber insurance policy.
  3. Preparation is key when it comes to both preventing and managing cyber incidents Not all cyber incidents can be prevented, but there are a number of things life science businesses can do to improve their chances of not falling victim and limiting the fallout if they do. For example, make sure to make and test offsite and off-network backups of all data (to minimize the impact of ransomware and extortion), use multi-factor authentication to prevent account takeovers (which often lead to funds transfer fraud) and educate staff on cyber risk (as our claims data continually shows that people are the weakest link). And if you suffer a cyber incident? Make sure you have a good cyber policy backed by an experienced incident response team that can help you minimize the impact and expedite a resolution.

Want to access the whole webinar? Click here to listen or here to download the slides.