As pharmaceutical research becomes more digital and globally connected, data security has become a critical priority for biotech and pharma companies.
Recognizing this shift, Symeres has announced that it has achieved ISO/IEC 27001 certification, the internationally recognized standard for information security management systems (ISMS).
The certification reinforces the company’s commitment to protecting sensitive client data across its global operations.
Biopharmaceutical companies rely heavily on outsourcing partners for research, development, and manufacturing.
However, the data involved in drug discovery programs is often highly sensitive intellectual property.
With rising cybersecurity threats and emerging AI-driven risks, companies are increasingly demanding stronger information security measures from their partners.
According to Gabriella Gentile, Chief Operating Officer at Symeres, cybersecurity is now central to scientific collaboration.
She noted that proprietary research data often represents the “crown jewels” of drug development, making robust protection systems essential.
The ISO/IEC 27001 certification is a globally recognized framework for managing information security.
It requires organizations to establish a structured system that protects sensitive data through:
For companies like Symeres, the certification signals to clients that data protection processes are formally audited and internationally compliant.
The decision to pursue certification was driven by growing demand from pharmaceutical clients, financial institutions, and regulators.
Information security assessments have now become a standard step in onboarding for many large pharmaceutical companies. By obtaining ISO 27001 certification, Symeres can streamline this process.
Instead of answering repeated security questionnaires, the certification allows the company to demonstrate compliance upfront, reducing delays in project initiation. This helps research teams focus more quickly on scientific progress and program execution.
The certification effort was part of a broader two-year internal initiative to strengthen information governance.
According to Mark Verhaar, Project Manager at Symeres, the company conducted a detailed review of potential security risks and implemented structured policies to address them.
Key elements of the company’s security framework include:
The approach focuses not only on compliance but also on continuous improvement as digital risks evolve.
The certification also helps support broader compliance initiatives across the industry.
For example, the NIS2 Directive in the European Union identifies healthcare organizations as critical infrastructure operators, requiring stronger cybersecurity protections.
By aligning with ISO 27001 standards, Symeres positions itself to meet these evolving regulatory expectations.
Symeres is currently rolling out ISO 27001 certification across its international facilities.
The company operates research and development sites in:
Completion of certification across all locations is expected before the end of the year.
According to Guillaume Jetten, CEO of Symeres, ISO 27001 certification has become a baseline requirement for working with major pharmaceutical companies and emerging biotech firms.
By implementing globally recognized security standards, the company aims to reinforce trust with clients developing small-molecule therapies and other drug modalities.
As pharmaceutical R&D becomes increasingly data-driven, cybersecurity is rapidly becoming a core requirement for contract research organizations.
For companies like Symeres, achieving ISO 27001 certification demonstrates not only compliance but also a commitment to secure, transparent, and collaborative drug development partnerships.
With stronger information security frameworks in place, outsourcing partners can better support the next generation of transformative therapies—from early discovery to clinical-stage development.