Biolabs cybersecurity Researchers carefully protect dangerous pathogens – but how secure are all their data?

By Carole Baskin

Published 17 August 2015

Ebola, smallpox, anthrax and many others: the most dangerous microorganisms are strictly regulated in the United States. The federal government oversees use of sixty-five so-called select agents with “the potential to pose a severe threat to public, animal or plant health, or to animal or plant products.” There has never been as much research performed with these pathogens —to learn more, find cures, or create vaccines — as in the past decade. The sprawl of high containment laboratories has led to a parallel increase in individuals with access to these agents. As of January 2015, approximately 11,000 individuals were on the list. The deadly infectious agents must be kept safely under lock and key, where they can’t threaten the general population or fall into the wrong hands. But even the most physically secure research lab could be the site of a devastating data security breach. As they stand now, information security guidelines published by science regulators with regard to select agents lack the critical level of detail needed to protect data effectively.

Researcher working with the Ebola virus // Source: www.osha.gov

Ebola, smallpox, anthrax and many others: the most dangerous microorganisms are strictly regulated in the United States. The federal government oversees use of sixty-five so-called select agents with “the potential to pose a severe threat to public, animal or plant health, or to animal or plant products.” Before scientists can work with them to learn more, find cures or create vaccines, they must meet a long list of conditions. The goal is to keep deadly infectious agents safely under lock and key, where they can’t threaten the general population or fall into the wrong hands.

But even the most physically secure research lab could be the site of a devastating data security breach. As they stand now, information security guidelines published by science regulators with regard to select agents lack the critical level of detail needed to protect data effectively.

There has never been as much research performed with these pathogens as in the past decade. The sprawl of high containment laboratories has led to a parallel increase in individuals with access to these agents. As of January 2015, approximately 11,000 individuals were on the list.

As the amount of research done on these deadly microorganisms continues to grow, the scientific community needs to wise up about information security threats and toughen up its defenses. The stakes are high. The goal is to avoid a data security breach that could, for instance, provide bioterrorists with information they could use to make already dangerous agents even more so.

Physically securing dangerous pathogens
The government has mandated strong security measures for people working with deadly microorganisms since 2001, subsequent to the anthrax events that followed 9/11.

Today, research has to be reviewed internally by a scientist’s institution to assess whether safety precautions are adequate. In some cases, it’s reviewed externally as well by the National Institutes of Health (NIH) (one of the major federal sources of funding for researchers). The NIH takes particular note if potential results could be used for nefarious purposes or if recombined genetic materials are to be administered to human beings.

Personnel must pass stringent background checks. Facilities must be inspected for proper containment and physical security. Standard operating procedures must be in place to ensure protection of the agents, scientists, community and environment. All of these precautions are meant to ensure that dangerous pathogens don’t infect anyone and stay safely in the lab.