TRENDING:

Breach Notification , Incident & Breach Response , Professional Certifications & Continuous Training

Securing the Data Lifecycle

GlaxoSmithkline's Williamson on Prioritization of Risk Geetha Nandikotkur (AsiaSecEditor) • May 15, 2015     10 Minutes   
Securing the Data Lifecycle
Steve Williamson, Director IT risk management - GlaxoSmithkline

The pharmaceutical sector across all geographies has always been rich in data and is only growing by volume.

"The volume of data created over time through clinical studies, R&D activity, business groups and research partnerships is humongous; keeping track of the data and aligning it with business processes is a huge challenge," says London-based Steve Williamson, director of IT risk management at GlaxoSmithkline.

Against this data explosion, data protection strategy becomes very important to define the pharmaceutical value chain across its data lifecycle including research, development, manufacturing and marketing.

According to Williamson, it is a challenge for CISOs to comply with laws and regulations to protect trade secrets, ensure product safety and supply-chain continuity.

Additionally, security leaders must prioritize the risks and have effective controls to identify important assets, assess threats, select security safeguards and implement and monitor safeguards.

"It is equally critical to prioritize controls based on the most likely threats. For this, awareness of the most likely attack patterns for your specific company will help prioritize controls," he says.

In this interview with Information Security Media Group at the GISEC event in Dubai, Williamson explains how a risk-based approach will ensure that most valuable assets and data are protected against the most likely threats using the most effective controls. He also explains:

  • The impact of assessment matrix and collaboration;
  • Methods of risk identification;
  • Security management and remediation program;

Williamson is a business-focused IT leader with a track record of successfully delivering Information Security programs within a global pharmaceutical organization.

In a career spanning over 25 years, he's held positions of software engineer, project manager, with his current position being director of quality, risk and compliance. He has gained strong expertise in information risk management, application security, data privacy, computer systems validation, controls development and audit & assurance.

Previous
Art Coviello: Venture Capitalist
Next
The Evolution of Security Technology



Around the Network

Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.