Cyber attacks top digital risk for life science companies

Digital risk calculator highlights cyber attacks and highly sensitive or valuable data as major risks for life sciences businesses

External cyber attacks and highly sensitive or valuable data are the top digital risks for life sciences companies in the UK, Germany and France, according to research by law firm Gowling WLG.

Other significant digital risks for life sciences companies include regulatory issues (failure to understand/comply with regulations), employees’ lack of technical and business knowledge, identity theft/cloning and infrastructure risks. The risk is highest for companies with 250-350 employees.

Gowling’s Digital Risk Calculator shows that UK business leaders identify far fewer risks affecting their businesses, when compared to their equivalents in Germany and France. UK respondents consistently identified 2-25% less than risks non-UK respondents for each risk area analysed.

This new free tool allows small and medium-sized businesses to better understand their digital risks and compare them to other businesses and industries. Research informing the calculator was gathered from 999 large SMEs in the UK, France and Germany.

Helen Davenport, director at Gowling WLG, said: “The recent wide-ranging external cyber-attacks such as the Wannacry and Petya hacks reinforce the real and immediate threat of cyber-crime to all organisations and businesses. However, there tends to be an ‘it won’t happen to me’ attitude among business leaders, who on one hand anticipate external cyber-attacks will increase over the next three years, but on the other fail to identify such areas of risk as a concern for them. This is likely preventing them from preparing suitably for digital threats that they may face.”

External cyber risks are thought to be the most concerning category of digital threat for businesses across all countries surveyed. This risk is anticipated to grow even further, with 51% of respondents believing that it will increase within the next three years.

Other digital risks of concern to participants include customer security (57%), identity theft / cloning (47%) and rogue employees (42%). More than a third of respondents also believe that the lack of sufficient technical and business knowledge amongst employees is a risk to their business.

A third of UK businesses feel that digital risks related to regulatory issues have increased during the past three years. But 29% believe that regulatory issues are a risk to their business.

Risks related to highly sensitive/valuable data are the second most prominent risk to businesses (55%), according to respondents. However, when asked about the General Data Protection Regulation (GDPR), which represents the most significant change to data protection legislation in the last 20 years, only a seventh of UK businesses were aware of the fines they may face for failing to protect their data. In comparison, 26% of respondents from Germany and 45% from France were aware of the maximum fine, placing UK business leaders at the back of the pack when it comes to understanding the risks posed by failure to comply with the GDPR.

Despite the identification of data risks, only 52% of UK businesses do regular data back-ups, compared to 66% in Germany and 67% in France. Moreover, only 32% of UK businesses and 39% of businesses in Germany open to using off-site storage for sensitive data today, compared to 50% of French businesses.

While 70% of business leaders involve IT support in their digital risk management only 31 per cent involve legal support. Only 16% of respondents said that they are fully prepared for digital risks.

Related topics

Related organisations

Related people