A well-executed cyber exercise can mean the difference between a contained incident and a costly crisis. One global life sciences company put this to the test – and emerged significantly more resilient.
An international life sciences and clinical research company headquartered in the United States has an admirable mission – to enable its customers to make the world healthier, cleaner, and safer.
However, global cybercrime costs are growing by 15% annually. To deliver that promise to its 350,000 customers worldwide, rather than become the weak link in their supply chains, the company needed to evolve from a strong, functional security model to a world-class, fully integrated resilience programme that matched its market leadership and the critical nature of the supply chains it supports.
The company commands a roughly 20% share of the global market, reflecting its extensive portfolio, which includes pharmaceutical and biotechnology companies, clinical diagnostic laboratories, research institutions, and government agencies worldwide.
But this also means the company is deeply embedded in vital supply chains, and a cyberattack could ripple across critical infrastructure and essential operations – not only in life sciences, but also in healthcare, pharmaceuticals, diagnostics, academia, and even national security-related research.
For example, a breach in networked lab instruments and data management software could allow threat actors to push malicious updates or manipulate lab results. A cyberattack could result in delays to cancer diagnostics and critical therapies.
Contrary to popular belief, technology is not the sole answer to cyber threats. Studies show that 82% of cyber breaches involve human error – but those same people can also become your strongest defence against cyberattacks.
A sound approach today is to assume a cyber incident will happen – after all, it’s a question of when, not if, you will be attacked. Being able to respond rapidly and effectively is critical to containing the financial, operational, and reputational impacts of that incident and in returning to normal operations. An expert response, however, doesn’t come naturally. It must be ingrained in muscle memory through exercise.
To meet our client’s challenge, we designed and facilitated multiple tabletop exercises for the company’s global leadership and communications teams to move beyond theoretical plans and test their capabilities against a highly realistic, modern threat scenario. Our attack campaign simulated assaults on a core product line, creating downstream impacts on customers and triggering regulatory scrutiny. To mirror today’s information battlefield, the scenarios also included AI-generated deepfake content of the CEO, designed to sow confusion and damage public trust.
We provided expert analysis after observing how the teams collaborated under pressure. This approach aligns with the proactive validation now expected by advanced regulations such as NIS2 and DORA, which require organisations in critical sectors to demonstrate their resilience in practice.
The exercises initiated vital discussions on leadership roles, crisis coordination, and communication protocols, providing a safe environment in which to navigate the pressures of a real-world cyberattack.
The exercises delivered a comprehensive, executive-endorsed blueprint for advancing the organisation’s cyber maturity, ensuring its people, processes, technology, and culture are prepared for the future.
Instead of reacting to a real crisis, the company is now proactively implementing a strategic roadmap built on insights from the exercises.
Key impacts include:
The exercise provided the business case for enhancing the company's incident management framework. Leadership is now equipped with a clear plan to implement a robust cross-training programme, ensuring a deep and scalable bench of talent ready to respond effectively.
The simulation delivered a strategic framework for maturing the company’s crisis communications. This has provided a clear path for establishing a formal ‘battle rhythm’ and developing a proactive messaging arsenal, preparing the team to control the narrative in a contested information space.
The engagement produced a strategic roadmap for embedding a ‘Security by Design’ ethos across the product lifecycle. This has laid the groundwork for a ‘Security Champions’ programme, with plans to embed security expertise directly within R&D teams and foster a culture of shared ownership.
By rehearsing for a crisis, this life sciences leader not only fortified its own defences, but also strengthened the integrity of the entire ecosystem it serves. In a sector where trust is paramount, and one weak link can halt vital services, preparedness is a collective asset.
Nortal is a strategic innovation and technology company with an unparalleled track record of delivering successful transformation projects over 20 years.