About EBSA Thursday - Cyberbiosecurity: A Unique Marriage of Biosecurity and Information Systems

Increasing reliance on the internet and technology in research and biomedical laboratories has opened these organizations up to increased focus for cyberattacks. These attacks may be perpetrated by external actors or individuals internal to the organization (purposefully or accidentally) and can take advantage of a lack of knowledge by research staff about phishing, access control best practices, and network security especially of research instrumentation, automated laboratory equipment, and building automation and control systems that may be connected to the internet/cloud. This talk will introduce the types of cyberthreats that have been commonly perpetrated against research and biomedical organizations. We will discuss existing guidance documents from the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO) that address critical infrastructure cybersecurity and information systems security controls and how they can be applied to all biomedical research organizations (BSL-1 through BSL-4). Finally, we will explain some of the best practices described in these documents relating to identity management and access control, awareness and training, and data security to give biorisk management and laboratory personnel a better working understanding of cyberbiosecurity. The goal of this talk is to provide a framework to facilitate better conversations between laboratory and biorisk management staff and their organization’s IT staff to promote cyberbiosecurity in their facilities.