With increasing digitalization, there are multiple channels within business and society that provide an efficient infrastructure for transmitting confidential data – including transport networks, communication channels, and of course in the laboratory. As a result, there is an added risk of a cyberattack, and so there is a critical requirement for cybersecurity to protect it.
Simply put, cybersecurity involves the process and technologies to protect data or networks from any breach whereby information is put at risk. These attacks are increasingly commonplace in modern society. In 2017, an attack referred to as ‘Wannacry’ had an adverse effect on organizations globally, including the UK’s National Health Service (NHS), with thousands of cancelled patient appointments as a result of a wide computer shutdown.
But with a sharp rise in incidents, what can be done to ensure attacks are minimized?
Understanding the cause
There are multiple reasons why an attack may occur. Often, it’s purely for financial gain; other reasons include the opportunity to expose an individual or organization, creating publicity, or personal satisfaction.
When a cyberattack takes place, hackers will transmit a malicious piece of software known as malware. There are various types of malware, which can be spread via email or through file sharing – and can take several different forms including trojans, worms, and spyware. This is something that might not only interrupt an individual’s device, but also spread across an entire network. In the case of the NHS, this was a ransomware attack, where computers were held hostage and not unlocked until a ransom payment was made.
Often small to medium size businesses are more susceptible to an attack as they may have less time and resource to devote to their security infrastructure in comparison to an enterprise-level organization – making it easier to extract private data.
The lab environment
Laboratories are not immune to this threat. Consequences of data theft or other forms of hacking can have an enormous impact that reaches far beyond lab users alone. Clinical labs, for example, often hold large amounts of sensitive patient data; both loss and theft of this data would have a significant impact on treatment outcomes and patient privacy. In a research lab, data breaches could lead to delays or even to theft of intellectual property.
As the internet of things (IoT) becomes more prominent, with added devices such as equipment and sensors used in and outside the lab, so does the need for prevention of an attack. This includes cloud-connected devices, which are used to monitor conditions and experiments within a controlled laboratory environment. While this makes the information more accessible and easier to disseminate, keeping the data safe becomes more of a challenge.
A collaborative approach
Using an integrated cloud-based approach in the lab
has multiple benefits. With an efficient system, researchers can save time on data handling and share findings and information more easily. Another benefit is having the data accessible from any location. This allows unforeseen events to be handled remotely, and rectified quicker. However, protection of this data is everyone’s responsibility. As part of this, it is important to ensure that each employee is familiar with the processes in place with regard to system access and the policy for password changes.
Often in the case of a lab, each employee will have their own administrative access in order to record any data or important changes during their research. It is also advisable for lab data to be hosted on its own individual network within an entire company. Additionally, it is recommended to use a two-factor authentication, which requires an individual to provide two separate credentials in order to access a network. For example, this could consist of their individual password plus an extra factor such as a VPN login or facial recognition.
According to research conducted by Hiscox in 2019, 61% of firms surveyed across the US and Europe
reported a cyberattack. As a result of a sharp increase in attacks, the government-funded National Cyber Security Centre (NCSC) was formed in 2016 to respond to UK-based attacks, with ENISA (European Union Agency for Cybersecurity) focusing across Europe.
Overall, the issue of cybersecurity is both highly pertinent and potentially intimidating for an individual or business. Being prepared and being able to prevent or respond to a threat is vital – and certainly something that is of increasing relevance in years to come.
At Eppendorf, data security is our highest priority. As part of this, we have implemented standards and policies to help protect data from unauthorized access to our devices as well as our software solutions. Learn more about this in our security white paper.