Table 1.
Relative risk perception of different cybersecurity threats to biotech.
| No or minimal risk | Risk comparable to normal operating standards | Elevated or severe risk | |
|---|---|---|---|
| An incident in which an unauthorized actor takes control of infrastructure (e.g., lab equipment, lab control systems, or even a fully automated robot lab) | 2 | 2 | 9 |
| An incident in which an unauthorized actor accesses data, information, or knowledge that is not in the public domain | 0 | 2 | 11 |
| An incident in which an unauthorized actor is able to circumvent security controls, such as those used to screen orders and customers amongst certain biotech service providers | 0 | 3 | 9 |
| An incident in which an unauthorized actor is able to secretly change data, information, or knowledge | 0 | 1 | 12 |
| An incident in which an unauthorized actor is able to interrupt the functioning of lab systems | 0 | 4 | 9 |
| An incident originating from a compromise in the supply chain | 0 | 2 | 9 |
White, No response; Yellow, 1 to 5 responses; Orange, 6 to 10 responses; Red, Over 10 responses.