3rd Party Risk Management , Governance & Risk Management , IT Risk Management
COVID-19: Security Risks As Manufacturers Shift GearsAttorney Steven Teppler on Supply Chain and Other Challenges
As automobile manufacturers and others rush to shift to production of ventilators and other medical equipment and supplies to help fight the COVID-19 pandemic, they must take steps to ensure security, privacy and safety risks are addressed, says technology attorney Steven Teppler.
Some manufacturers, including General Motors and Ford, have volunteered to produce ventilators and other products used to help in the battle against COVID-19. But with those manufacturing changes come supply chain risks, Teppler says in an interview with Information Security Media Group.
Many manufacturers will have to retool, he notes, "but may not have the associated security that [they've] already built into [their] current product line supply chain," he says. "In the rush to ... ramp up and say 'we're going to start producing masks and ventilators ... if you lose the security along the way, you may be injecting more problems than you solve."
The attorney adds: "With the amount of phishing going on and the mount of COVID-19 fraud that's being attempted on all levels - and especially on the healthcare industry - you're looking at the potential for virus attacks in a totally different digital universe."
In the interview (see audio link below photo), Teppler also discusses:
- Emerging security risks as organizations shift from on-site to remote work and processes;
- The tension between saving patients' lives and protecting sensitive health data;
- Other evolving privacy and security concerns developing from the coronavirus outbreak.
Teppler leads the electronic discovery and technology-based litigation practice at the law firm Mandelbaum Salsburg P.C. He's the co-chair of the American Bar Association's Information Security Committee; a founder and former co-chair of the American Bar Association's IoT National Institute as well as the ABA's National Institute on Electronic Discovery and Information Governance.