The Greatest Threats to Data Integrity

In a world rife with optimism about the good that AI can do, what threat is presented to pharma by bad actors, like hackers, but for their own nefarious purposes?

AI brings a lot of potential benefits, AI accelerates a lot of thinking, it can contemplate a lot of data, it can, it can help us, you know, filter out things. And I'm not going to go into the cautions of AI in the drug discovery process. But I'll talk about the way AI. The way we use AI or contemplating the use of AI in the information security space in the Data Protection space, is to try and discover patterns at a larger scale more frequently, to try and understand enemies and attackers. But the thing is, we as parts of a commercial organization, as law abiding citizens, as participants in society, we have boundaries, we have to follow, we have policies, we have laws, we have only certain data that can go into these kinds of systems. We have, we have limitations on what we can do, or how we can act to, you know, to respond. But the bad actors don't have those kinds of boundaries, or policies or laws to work with him. So, the word of disadvantage, this is the same. This is an extension of an issue we've had in information security for a very long time. Which is we follow process procedure rules to try and maintain the ethos to try and maintain organizational standards to try and maintain document ability and stay within the law. But the people our adversaries do not. They don't necessarily do that.

They take tools like AI systems, like large learning models and find ways to build really convincing phishing campaigns. What are what are the best parts of real marketing and bring those in? How do I incorporate large data sets of contact details for executives and companies, for research managers and companies and hone the message that they get, or the way we attack them for that they're most susceptible or most willing to be able to, are most willing to click on and execute? Think of it as using all the great marketing techniques that are out there, but using them against, you know, for bad purposes, not for good. And AI really helps them get to that. In addition, AI systems, generative AI systems are helping to mine out where systems live that might be vulnerable to accelerate how fast to find pathways into systems. And then there's also we talked earlier about data manipulation. The fact that we've got large language models that can analyze datasets and find the best way to adjust something to change something that is the least able to be detected. That's an example of a way that you can use AI for bad purposes. So, there's all sorts of things weighing against. But at the same time, we're also in an industry that isn't particularly bullish on the incorporation of these technologies, you know, the FDA, the EMA have come out with some very clear guidance on how to cautiously integrate these systems, AI systems into your environment to maintain recreate ability to maintain scientific integrity and have the greatest chance of positively affecting patient safety and product efficacy. But like I said, at the beginning there, it's it, the opposite is true. On the attack side, it's all of these tools are available, and they will use every opportunity every method within them to try and figure out how to how to impact data.

What will be the greatest threats to the integrity of data in R&D this year?

I think the impacts come from some of the same things we saw that got amplified during COVID. Because of, you know, because systems are proliferating, because people are using electronic systems more, because the data is being shared for very good reasons. Companies have to be very organizations have to be very cautious, very careful, very conscious about how access is managed to them how the system is performing, how the security of that system exists. And whether or not the processes and procedures that they're using these systems for are fit for purpose in a in a highly data, highly data driven world.

So, the biggest threats then come to be things like inappropriate access, as you're doing more and more sharing across organizations, legitimate sharing, understanding who has access to what data and why, and do they have the ability to change it. Good R&D repositories will have the ability to give you journals and output and, and a traceability of all the actions that were taken in that system. So that you can detect and revert such changes, and make sure that you've got, you've got the ability to detect that they've happened. Some of the bigger the impacts that come out of this are everything from or if they're actually quite large. If you build a set of data, if you build a set of research on data that is either been inappropriately captured or affected over time or manipulated, you now have a lot of potential cost issues or risks that come along the way you could lead to, you might not be able to validate your results down the road and have to restart your research that's cost that's competitive advantage. If you may have to have your outcomes, your tests not match your predictions, and not understand why because something either wasn't recorded, right? Or was manipulated. Something you could have impacts on product efficacy and patient safety get all the way down to the end, and it goes out and you might have a greater chance of recalls if you don't have good data integrity in your system from the beginning to the end that resulted in higher adverse events and higher, you know, higher cases of MDR is in the in the medical device space. And ultimately, you know, the 43 that nobody wants to get.