LogiPharma USA 2024: Lessons Learned from Risk Mitigation

In order to accomplish the industry’s ultimate priority—patient safety—a certain level of collaboration and communication is required among partners and stakeholders.

To further illustrate this concept, Brendan Ryan, counterintelligence risk chief, supply chain and cyber directorate (SCD) at the Office of the Director of National Intelligence (ODNI) moderated a panel on “The Evolving Threat Landscape—The US Government’s Lessons Learned for Mitigating Risk Across the Pharma Supply Chain.” He was joined by Peter Battaglia, deputy director, mission assurance division, Department of Defense (DoD) Logistics Agency; Jeanette McMillian, assistant director, National Counterintelligence and Security Center’s SCD, ODNI; and Leigh Verbois, PhD, director at the Office of Drug Security, Integrity and Response at the FDA.

Their objective was to cover various subject matters including (but not limited to):

• The physical threats affecting supply chain operations both inside the United States and across global transit routes
• How to protect digital assets across the value chain
• Lessons learned from Operation Warp Speed

The biggest threats to the pharmaceutical supply chain

When it comes to protecting the pharma supply chain,McMillian noted that it starts with the CIA, just not the one that you might think.

“We certainly look at this as the CIA. Not the CIA and Langley, but CIA when it comes to confidentiality, integrity and availability,” she explained. As we've all suffered through the pandemic, we know that last piece, that availability piece, has become first and paramount to all of our supply chains as we try to manage those risks. We saw that during the pandemic, several nation state actors, are targeting organizations. They were targeting organizations across the board, especially when it came to the COVID-19, development of the vaccine, and then also the distribution chains. So those organizations that they were targeting included everything from healthcare bodies, pharmaceutical companies, academia, medical research organizations, and of course, state and local governments. At that time, the intellectual property surrounding the vaccine was absolutely critical to protect, as we all knew, and then doing so was in need to protect both the confidence of the vaccine and the integrity and the ingredients that went into it.”

In order to protect those assets, it involved taking a look at those actors to who were using every threat possible to access critical information by applying that CIA acronym.

When it comes to steps that the FDA is taking to enhance that integrity of the pharmaceutical industry, particularly with respect to critical infrastructure data protection, Verbois noted that these various presented bodies need to understand and communicate with one another; for example, it’s imperative that the organization understand the risks McMillian presented.

“At the FDA, we need to work with stakeholders to help make sure that they understand those risks, and they help to integrate those risks within their systems and processes,” said Verbois. “We help to make sure those are integrated into regulatory processes and make sure that those are really well developed within organizations. We do that through outreach and communication, through innovative partnerships, through asking specific questions. We develop innovative partnerships to help organizations that have the capability to educate individuals such as yourself, to ensure that they are moving the ball down the down the field, to continue to educate stakeholders and ensure that they understand what they need to develop within their own organizations, to ensure that they're making a difference.”

For Battaglia, it’s also important to highlight not only the overlaps between the agencies, but the differences as well.

“The FDA is concerned about public health, whereas the Department of Defense and Defense Health Agency is looking at military health, and while those are Venn diagrams, they are not complete overlaps, so the assurance that we have to provide a ready medical and a medical ready force slightly different. So being able to communicate that being able to share our information and data throughout the entire network, as well as take the appropriate steps [is important].

Operation Warp Speed

Ryan raised a thought-provoking question to the panel: Given the success of Operation Warp Speed, what best practices would you like to provide to industry on how to leverage their real, critical supply chain productions?

Although it may not have been inherent only to COVID, the virus brought to light the power of collaborating at a rapid pace.

“This wasn't just in the federal government,” said Verbois. “It was across government, academia, industry, and without that, there would not have been success when we walked in this room. Those were the things that were highlighted in here: communication and collaboration. I think that at this meeting itself, it’s really interesting to see that those are the things that people are really speaking to when they come to meetings; they value educating themselves, coordinating, and collaborating when they come into work.”

Battaglia was in complete agreement concerning the coordination, the information sharing, and all of the communication aspects, but he pointed out that it’s also important to consider the future.

“Additionally, it's that analysis referring back to scale and looking in the future. How do you develop those predictive models in order to see what wight happen in the future? One of the reports that we had gotten tasked with is the Section 860 report out of the FY 23 National Defense Authorization Act. The DLA took a look at the pharmaceutical supply chains, just for active pharmaceutical ingredients, and we discovered some relatively amazing information, including there's roughly 20 to 25% of the supply chain’s active pharmaceutical ingredients that are just unknown. No one knows where they're coming from. How do we resolve that information? Again, through that communication, collaboration. There is some suspicion that DOD, or the US government, is trying to gather this information to ultimately control supply chains and space and everything like that. That’s conspiracy theory.

“What we're doing is making sure that everyone understands what the risks associated are. If you're shipping through the South China Sea, you have risk. If you're shipping through the Suez Canal and the Red Sea, you have risk. Do you understand what that is? How that applies to yourself, but then also applies to us and national security, not only on the Department of Defense side—where we're looking to maximize military capability—but on the public health side? Look at COVID. Various things happened from a medical perspective, they impacted operations, just like production and toilet paper. Everyone remembers that it's a cross-related event, and we need to both learn from as well as forecast to see what would happen.

Reference

Battaglia P, McMillian J, Ryan B, Verbois L. “The Evolving Threat Landscape—The US Government’s Lessons Learned for Mitigating Risk Across the Pharma Supply Chain.” September 25, 2024. LogiPharma USA 2024. Boston.