Building a Cybersecurity Strategy for the COVID-19 Vaccine

Building a Cybersecurity Strategy for the COVID-19 Vaccine
NETSCOUT

The emergence of effective COVID-19 vaccines represents an extraordinary scientific achievement—as well as a global challenge when it comes to the logistics involved in getting needles into arms. And as the news is filled with stories vaccine rollout, eligibility, and scheduling, bad actors are paying attention. Always fans of the opportunistic pivot, cybercriminals know that if it’s important to us, it’s an opportunity for them.

It’s clear that in-depth cybersecurity strategies are essential to protect trade secrets, patents, clinical trial data, supply paths, and development and manufacturing agreements. The environment is ripe for disinformation and cyberattacks, which means that distributed denial of service (DDoS), phishing, or malware campaigns could target specific medical providers or even the general population. Vaccine-related intellectual property is also highly valuable, so pharma companies are easy targets.

Consider the following:

  • The process of vaccination, which often requires two doses, requires public health authorities to collect retain accurate personal data on which individuals already received shots from which manufacturers to ensure they get the correct second dose.
  • Countries employing so-called “vaccine passports” as part of the reopening process also possess a treasure trove of privacy-sensitive information. They need a thorough account of which individuals, private entities, and government authorities can access this data.

Ensuring total and pervasive visibility into this potentially overwhelming volume of vaccine information is critical to securing it. This means building consistency across management systems. They should share the same underlying packet data to allow network and operations teams to make decisions in concert. These tools need to facilitate quick detection, investigation, and response to threats while making it easy to integrate with security information and event management (SIEM) platforms.

Hybrid cloud approaches are best because they integrate traditional network architectures in a physical data center. That way, healthcare IT professionals will retain visibility as they migrate to the cloud or roll out native applications. Tools with agentless packet access and cloud-resident virtual instrumentation add minimal load to any cloud infrastructure.

But gaining a pervasive view is only the beginning. It is increasingly difficult for cybersecurity teams to rely solely upon log-based data for threat detection, investigation, and remediation. Industry professionals realize that wire-based metadata and packets contain the single source of truth. Whether securing an internal corporate network, remote office location, or cloud environment, medical enterprises and public health authorities need an intelligent retrieval system that investigates and remediates breaches quickly.

Adding contextual, real-time analytics and threat intelligence allows users to turn massive amounts of wire data into actionable insights for efficient cyber-threat detection and investigation. Agencies should conduct host and network investigations simultaneously. The former provides visibility into internal and external host interactions, while the latter offers a 360-degree view of servers, applications, and conversations. Both of these crucial elements require packet stores for critical data and centralized indexing to enable fast retrieval and analysis.

Speed of execution, coordination among various agencies, and data protection will be critical to make the COVID-19 vaccine rollout a success. In the face of a global health crisis, there is no time to waste.

Learn more about security visibility at scale