USDM worked with cross-functional teams and performed an in-depth assessment to help the life sciences customer verify and mature their cybersecurity readiness.
A U.S.-based pharmaceutical company with a global footprint and a strong pipeline needed a cybersecurity strategy. In light of recent breaches, the IT and security teams were focused on tools and configurations. USDM Life Sciences brought a comprehensive view that included people, processes, and technologies.
The Situation
- The customer’s need had board-level visibility and was sponsored by the IT department
- The customer had recently built their internal IT capability, and was moving away from an outsourced model
- The customer’s growth and recent incidents necessitated a cybersecurity gap assessment, breach remediation action analysis, and cybersecurity strategy and configuration recommendations
- The customer’s business, size, resources, and timeline did not align with a full International Organization for Standardization (ISO) and HITRUST certification
- With a narrow view focused on technologies, the customer needed to have a more strategic view and adopt a right-sized, attainable approach to solve this challenge.
The Solution
- USDM worked with IT and cross-functional teams to perform an in-depth assessment of the customer’s cybersecurity maturity and to prepare a prioritized, actionable roadmap
- USDM identified and recommended urgent actions on critical findings during the assessments and breach report analysis
- USDM developed a thorough and complete understanding of the customer’s strategy, IT landscape, technologies, and priorities
- USDM helped the customer establish achievable objectives that aligned with their corporate plans
- USDM conducted comprehensive cross-functional workshops well beyond the IT organization to build a complete picture of the situation
- USDM performed a gap assessment based on the customer’s objectives, workshop outputs, and people, process, and technology elements
- USDM prepared a prioritized, actionable roadmap that was robust yet appropriately sized for the customer’s stage of development, and within budget and time constraints
- USDM established a business driven cybersecurity risk framework for global compliance
- USDM verified that the effects of prior breaches were mitigated and established controls to prevent future breaches
The Results
- 4 weeks to a prioritized, actionable cybersecurity roadmap
- 12 hours of detailed interviews and workshops to build a complete picture of customer’s situation
- Path of maturity aligned with growth of the organization
Additional Resources
Webinar: Cybersecurity Threats and Risks to Life Sciences Companies
Cybersecurity Services for Regulatory Compliance and Quality
