IBM’s report Thursday about the “cyberespionage” threat to the COVID-19 vaccine supply chain may have caused you to think about your own company’s cyversecurity.

Here are some recommendations from IBM’s security group about what to do:

  • Create and test incident response plans to strengthen your organization’s preparedness and readiness to respond in the event of an attack.
  • Share and ingest threat intelligence. Threat-sharing initiatives and partnerships are essential to staying alert about the latest threats and attack tactics impacting your industry. IBM Security X-Force has been feeding this threat intelligence into the COVID-19 threat sharing enclave. At the onset of the pandemic, IBM made this enclave freely accessible to any organization in need of more eyes on cyber threats.
  • Assess your third-party ecosystem and assess potential risks introduced by third-party partners. Confirm you have robust monitoring, access controls and security standards in place that third-party partners need to abide by.
  • Apply a zero-trust approach to your security strategy. As environments continue to expand, managing privilege access becomes paramount to ensuring that users are only granted access to the data that is essential to their job.
  • Use Multifactor Authentication (MFA) across your organization. MFA works as a fail-safe if a malicious actor has gained access to your credentials. As a last line of defense, MFA offers a second form of verification requirement in order to access an account.
  • Conduct regular email security educational trainings so employees remain on alert about phishing tactics and are familiar with email security best practices.
  • Use Endpoint Protection and Response tools to more readily detect and prevent threats from spreading across the organization.

Want more information? Check out this report.

IBM detects cyberespionage attack targeting COVID-19 vaccine supply plans