
Can you protect your clinical lab from cybersecurity threats?


Published: September 2025

Medically reviewed by: Rebecca Rosenberger, Director of Medical Affairs


On December 5, 2019, a ransomware attack detected on Bio-Rad’s network forced the company to take certain systems offline to contain the malicious activity [1]. It was not the first attack. The WannaCry ransomware cryptoworm cyberattack in May 2017 targeted computers running the Microsoft Windows operating system, and, in particular, hundreds of thousands of computers belonging to organizations that had not applied the patches provided by Microsoft prior to the attack [2].

Is air gapping your solution? Have you asked yourself what your vendors do for your lab to protect your business?

Do you know if your business partners are cybersecurity champions or liabilities?

What makes healthcare organizations vulnerable to cyberattacks:

  • Sensitive data: Healthcare organizations store vast amounts of personal and medical data, including protected health information (PHI), financial information and personally identifiable information (PII). This can make them targets for attackers seeking valuable information for ransom.
  • Complex networks: The extensive and interconnected networks in healthcare facilities contain lab information and connected automation modules for productivity, which can increase the surface for potential attacks.
  • Insufficient security measures: Budget constraints and other priorities sometimes result in inadequate investment in cybersecurity and overall security. This increases vulnerability.
  • High demand for availability: Systems need to be constantly available for testing, narrowing the window of opportunity for security updates and patches.
  • Human error: Employees may fall victim to phishing attacks or other social engineering tactics, rendering their organizations susceptible to functional, financial and reputational damage.

You have probably discussed with your IT partner which routines they have, how they perform risk management, how often they deploy patches and which threat intelligence sources they use. 

What else can your laboratory do to minimize its risk exposure?

Firewalls, network segmentation and fire-fighting cyberthreats are no substitute for taking a systematic approach to information security management.

With Thermo Fisher Scientific by your side, you get a business partner who prioritizes secure workflow efficiency solutions with reliable instruments and world-class service support. This allows your lab to:

  1. Offer accurate allergy and autoimmune diagnostic test results
  2. Scale your operations
  3. Drive profitability and competitiveness 

Information security management systems (ISMS) standards

Thermo Fisher has achieved ISO/IEC 27001:2022 certification, a globally recognized standard for ISMS. Here, we refer specifically to the ISMS supporting the Phadia™ Laboratory Systems, including software applications (Phadia™ LabCommunity, Quality Club™), related log file management, instruments and services [3]. This certification demonstrates our commitment to:

  1. Systematically manage sensitive information
  2. Implement comprehensive policies, procedures and controls
  3. Manage and mitigate information security risks

Our dedication to information security is proven through this rigorous ISO/IEC 27001:2022 certification process.


Benefits of choosing to work with an ISO/IEC 27001:2022 certified business partner:

Comprehensive risk management

  • ISO/IEC 27001:2022 provides a structured approach to identifying, assessing and mitigating information security risks.
  • It provides a holistic approach and encompasses people, policies and technology, supporting defense against threats.

Commitment to security

  • Certification requires ongoing investment in security measures, reflecting long-term commitment to cybersecurity.
  • It ensures high standards of cyber resilience and operational efficiency.

Reduction in cyber-attack vulnerability

  • As an ISO/IEC 27001:2022 certified organization, we implement rigorous security protocols.
  • Accredited bodies ensure compliance with high international standards, providing assurance of robust security practices.

Support for data integrity, confidentiality and availability

  • Established processes focus on data integrity, confidentiality and accessibility.
  • The Phadia™ Laboratory Systems privacy and security guide includes measures for authenticity and non-repudiation, ensuring authorized access and compliance.

Operational excellence with global recognition

  • Independent certification shows full investment in secure information management.
  • It ensures constant vigilance.
  • It prepares the organization to face technology-based risks through continuous improvement.

Cost savings

  • ISO/IEC 27001:2022 reduces expenses on ineffective defense technologies by increasing operational efficiency.
  • It identifies and addresses weaknesses proactively, reducing the risk of unauthorized access, financial losses and reputational damage.

Check today if all your vendors and suppliers are ISO/IEC 27001:2022 certified and actively supporting your lab’s cybersecurity preparedness. 


References
  1. https://investors.bio-rad.com/press-releases/news-details/2019/Bio-Rad-Makes-Progress-Recovering-from-Recent-Ransomware-Attack-12-12-2019/default.aspx
  2. Prevezianou, M.F. (2021) “WannaCry as a Creeping Crisis”, in Boin A. et al. (eds), Understanding the Creeping Crisis. Switzerland: Palgrave Macmillan, pp. 37-50.
  3. Certificate of Registration. (2024). Information Security Management System ISO/IEC 27001:2022.