Secure Life Sciences Supply Chain in an Increasingly Digital World

There are positive signs that healthcare companies are addressing many supply chain pain points, including the thorny issue of security. A UPS survey, “Pain in the (Supply) Chain,” for example, found that in just 1 year, responding healthcare companies have reported a 75% success rate in addressing product security compared with 55% in 2014.

By Bill Romano, Solution Specialist, CSC Life Sciences

One area companies need to continue to manage carefully is counterfeiting and product tampering. There have been a few troubling reports about a rise in the theft of pharmaceutical products through what has been dubbed “open sunroof thefts,” where thieves jump onto trucks, cut holes in the top and throw cargo onto a car following behind. The serious implications of theft and counterfeiting is well known. For example, nine patients in Sacramento, California, died and many overdosed when they took counterfeit painkillers that had been cut with the opiate fentanyl.

Having greater transparency and traceability would allow a company to tackle counterfeit issues, and that’s what digitization of the supply chain enables.


A recent CSC white paper, “5 Ways the Digital Supply Chain Drives Success for Life Sciences,” pointed out that when a life sciences company begins to move to a digitized and moving supply chain platform, companies gain enormous opportunities to streamline the supply chain, drive out process errors and improve oversight. At the same time, however, they also open themselves to information leakage and security holes.

Tackling Global Cyber Threats

Most organizations have addressed and implemented cybersecurity measures that protect them from threats directed specifically at their organization. But as companies expand into global markets and connect with supply chain partners through digital channels, they must also consider the risk of cyber threats through any number of vulnerable points along the supply chain. After all, with information and security arrangements shared across a supply chain, an organization’s cybersecurity is only as good as the weakest link in the chain.

Often issues arise when smaller companies within a supply chain lack the resources or depend on older infrastructure to manage their cybersecurity. Enterprises must take into account the data risks that come with expanding the supply chain through a partner ecosystem. Digital supply chain infrastructure lets companies make use of capabilities such as RFID (radio frequency identification), data leakage protection, identity and access management, application security, network security, and single sign-on, which protect against and provide insights to potential threats globally.

Adapting and implementing a multi-stakeholder supply chain risk security process that engages as many members of the supply chain as possible could set the stage for all to follow. Another crucial element is to deploy harmonized standards.

The International Standards Organization (ISO) produces the ISO 27000 series of standards, specifically written to address Information and Communications Technology (ICT) security matters. These standards create a framework for good security practice. The ISO 27001 standard addresses process and auditing standards, which takes companies from basic risk assessments through to policies for managing information, communications, human resources, physical sites, business continuity and compliance. Adopting the ISO 27000 series will further develop, harmonize and encourage the adoption of information security standards. If this is adopted by every organization in the supply chain along with the ISO 31000 for managing risk, a common language for communicating cybersecurity risks can be used throughout the supply chain.

It may seem a trivial point, but by implementing a common language with other members within its supply chain, an organization can more easily anticipate, identify, communicate and ultimately mitigate the risk posed by cybersecurity-related dependencies and vulnerabilities.

Digitization is a global phenomenon. By 2020, the more than 7 billion people in the world will be using more than 50 billion devices to communicate, collaborate, negotiate and perform transactions, according to Cisco estimates (PDF). Already there are approximately 8.7 billion connected devices. Life sciences companies need to be ready to respond to the digital explosion to secure the supply chain and protect the patients who use their products.

Join the CSC webinar Digital Supply Chain on May 5, 2016 to learn more.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: