In our about to be published 2015 Predictions report for the life sciences, Eric Newmark and I predict that there will be a major data breach in the life sciences within the next 18-24 months. This breach (and its associated public blowback) will be the beginning of significant changes in the industry where data security moves to the forefront. Leading innovators in the industry have already been moving forward on this issue and will not likely be the company name plastered across network and newspaper headlines when this occurs.
While effective data security used to entail battening down the firewalls and hiding behind a company's datacenter, the increasingly externalized ecosystem, ease of transferring large amounts of data on a thumbdrive, disgruntled staffer, or potential to leave a laptop in a cab are actively on the minds of those charged with maintaining data security within their organizations. While many of these issues won't be addressed easily and fall outside of technology's ability to deliver solutions, technology brings significant opportunities to better protect IT domains under an organization's control, which are likely many and vast.
Among the more proactive and preventative efforts in the industry is the one recently announced by Medidata. For those monitoring data resources within organizations (typically as part of SIEM), activity log reports are a routine part of daily life and, for the most part, are uninteresting indicators that work is ongoing within the organization. In rare cases, unusual activity (e.g. 100x normal volume or queries) are the first sign of a potential issue, possible breach, or some other concern that require attention. In partnering with Sumo Logic, Medidata has chosen to more actively monitor log report activity, enabling Medidata to benefit from Sumo Logic's expertise in identifying threats from across the multi-industry IT spectrum. In many cases, attacks are becoming more complex, harder to detect, and potentially more dangerous. By actively screening for threats in real time, few attacks will pass unnoticed and action will not be dependent on whether someone in IT notices an anomaly.
Expect Medidata's efforts to be replicated and more as companies begin to harden their IT resources once a trigger data breach event occurs. Life science and healthcare have been routinely mentioned for the weakness in their IT protections relative to other industries and the life science industry needs badly to pay attention to this potentially damaging issue.
As always, comments and alternative opinions are welcome.