Insider Risk In the Pharma Industry

Brown Colorful Travel Photo Collage (Presentation) (3)

Industry

Healthcare

Challenge

Results

In 2022, Sanofi embarked on its insider risk journey with Signpost Six to implement a tailored programme designed to meet the organisation’s needs and address its insider challenges.

Insider Risk Assessment

www.sanofi.com

86.000

Employees

+180

Offices

$46.6B

Revenue

Implementing Signpost Six's Insider Risk Programme led to a dramatic shift in the number of detected cases, and therefore increased visibility and the possibility to prevent and recover related losses

Dominique Woloch

Information Protection and Insider Risk Programme Head @Sanofi

About Sanofi

Sanofi, headquartered in Paris, is a global healthcare company, advancing medicine and vaccines worldwide. As a leading pharmaceutical company, Sanofi continually drives innovation in healthcare solutions, from Specialty Care to General Medicine.However, holding a position at the forefront of technological breakthroughs in a competitive landscape also makes Sanofi and its knowledge a target for state actors and competitors who want to obtain and potentially misuse that knowledge.

The Challenge: Protecting Innovation in a Competitive Landscape

Dominique: ‘The whole organisation was unaware and therefore completely exposed to the insider risks; which incurred unforeseen losses related to data misappropriation of the company’s assets’

Sanofi's mission relies on constant innovation. However, to ensure success and maintain competitiveness, it is equally important to protect these innovations from being illegitimately acquired by competitors. Recognising this threat, and raising awareness around it, is fundamental for effective protection. The unforeseen consequences underscored the need for an insider risk programme to enhance awareness, reduce vulnerabilities, and protect sensitive data from unauthorised access and exploitation.

Sanofi’s Insider Risk Journey

In 2022, Sanofi embarked on its insider risk journey with Signpost Six to implement a tailored programme designed to meet the organisation’s needs and address its insider challenges.

What Signpost Six has done with Sanofi as an expert partner is to, first ask the fundamental questions of; HOW and WHAT do they want to secure? What do they already HAVE, and what do they NEED to reach the desired level of security?

The results of the assessment led to the creation of a strategic roadmap that allowed the deployment of a Sanofi-wide programme. The goal was to create a strong programme foundation with clear roles and responsibilities to increase awareness on the global level and put in place the standard of the employee's behaviour and reporting. This would in turn foster a culture of vigilance. In the next phase, Sanofi focused on advancing case management mechanisms and the development of an analytics tool to increase their detection and response capabilities. These efforts have deeply improved Sanofi's ability to mitigate insider risks, increasing visibility and enabling the prevention and recovery of potential losses.

Dominique: “It led to a dramatic shift in the number of detected cases, and therefore increased visibility and the possibility to prevent and recover related losses”

Results: Strengthened Security and Awareness

Sanofi’s Insider Risk Programme revealed previously undetected threats and helped prevent significant losses, strengthening overall security. Uncovering these threats allowed Sanofi to deploy essential preventive measures, thereby strengthening its overall security posture. This proactive approach not only mitigates future risks but also enhances overall organisational awareness, leading to a more secure and resilient operational environment. As a result, Sanofi is continuously working and improving to successfully safeguard its people, patients, and sensitive information, ensuring sustained innovation and business continuity.