The value of cybersecurity should be crystal clear to life sciences and health care boards and leadership. Cybersecurity attacks and data breaches seem to be in the headlines almost daily, and sobering statistics are everywhere. The number of patient records impacted has nearly tripled in just one year, jumping from 5.5 million breached records in 2017 to about 15 million in 2018.1 Health care data is valuable, and cybersecurity incidents can mean major costs for companies. Operations, for example, could be held hostage, the supply chain could be disrupted, legal fees could mount, and organizations could suffer meaningful but often difficult-to-quantify losses of reputation and consumer trust.
But communicating this risk to senior leaders and the board can be challenging, according to our research. “Cybersecurity is a top priority,” one life sciences chief information security officer (CISO) told us. “But, there are many top priorities.”