The cyberattack on Dr Reddy's Labs came as a sharp reminder to strengthen its digital infrastructure and tighten cybersecurity control measures, according to analysts.
According to a report by HSBC, damage control and restoration of operations are crucial. It said Dr Reddy's is a front runner among peers in terms of investing for digital transformation initiatives as well as for new-age cyber securities technologies.
"Thus, the cyberattack came as a sharp reminder to strengthen its digital infrastructure and tighten cybersecurity control measures. While it expects no major operational impact, a quick update on damage control and restoration of operations will in our view be crucial to validate resilience of its systems," the report added.
Dr Reddy's faced a major data breach yesterday which triggered a shutdown of its key facilities. The company experienced data breaches in servers in the UK, the US, India, Brazil and Russia. Afterwards, the company released a statement which said that in the wake of a detected cyberattack, it had isolated all data centre services to implement preventative measures. Dr Reddy's anticipates all services to be up within 24 hours and does not expect any major impact on operations due to the cyberattack.
Most of the Indian pharma manufacturers are increasingly focused on digitisation and process automation to improve operational efficiencies.
With increasing digitisation, data breaches and cyberattacks are commonplace, with the pharmaceuticals industry one of the sectors most impacted, after healthcare, energy and finance as per a study by Ponemon Institute (a Michigan-based research institute dedicated to data privacy, protection, and information security policy), and IBM Security.
For example, Merck faced a major cyberattack in June 2017 that led to disruption of its worldwide operations and sales losses of $260 million due to nonfulfillment of orders, and it incurred incremental costs (incl. remediation costs) of $285 million in 2017.
"The risk of cyberattacks on the pharma industry is further amplified by remote working during the COVID-19 pandemic. Thus, pharma manufacturers (incl. DRRD) need to invest further and strengthen cyber security systems to avoid or minimise operational disruptions, high costs of control, and to contain damages and any potential lawsuits or regulatory penalties," the report said.