Three security lessons from the WannaCry ransomware attack

As the most devastating cyber-attack of 2017 to-date, the WannaCry attack has had a colossal impact on organisations around the world. The exploit infected over 200,000 computers in 150 countries, crippling everything from hospitals to logistics firms.

While it will take months for forensic investigators to sift through the fallout, in the short term the attack has provided a timely wake-up call to businesses in every industry about the importance of security.

Here are three key learnings from the incident to help protect your organisation.

Update, update, update

In theory, the impact of the WannaCry ransomware should have been minimal because Microsoft rolled out a patch for the vulnerability on March 14, 2017. But internal estimates at Tata Communications suggest that, in reality, only 10 to 15 per cent of businesses around the world had implemented the critical update. The majority of businesses were unprotected and had to firefight the attack with emergency patching.

This brings us to our first important lesson, which is that business leaders need to appreciate the importance of security updates. All too often we see IT departments needing to wait for approval from divisions higher up in the hierarchy before they can issue critical patches. For example, CFOs may be unwilling to sign off on updates because it risks application downtime during critical periods such as the end of a financial quarter when every sale counts. Delaying a security update may provide a short-term benefit but as WannaCry dramatically showed, doing so can leave you vulnerable in the long-term.

Evolve your security mindset

Today, we’re seeing SMEs and large corporations adapting their business models to re-invent themselves during the era of digital disruption. This same principle needs to be applied to the way they handle security internally.

Investing in the best infrastructure is the foundation of any security strategy. However, just because you have a secure network on day one, it doesn’t mean you can be complacent. Once infrastructure is put in place, many organisations fall back into the outdated practice of ‘incident response’. This spells disaster in the digital era where issues can arise and snowball on a minute-by-minute basis.

So what’s the strategy going forward? The answer is to move towards a ‘continuous response’ mind-set. This can be achieved by investing in detection and predictive tools and services to gain a 360 degree overview of your defences and address any weaknesses as soon as possible. The digital transformation that many organisations are undergoing currently represents an opportunity to only harness new digital technology

It’s difficult to stress how important it is to be adaptable for this strategy to work. You need to have the most up-to-date information on vulnerabilities at your fingertips, which will allow you to make informed decisions and increase overall security.

Trust the experts

With security exploits emerging at unprecedented rates, it’s almost impossible for businesses today to navigate the security minefield alone. With that in mind, it’s become essential to seek out the expertise of a managed security services provider (MSSP) for two reasons.

Working with a security provider can help you to develop a solid preventative strategy. Secondly, an MSSP can also provide invaluable support during times of crisis.

Remember, security is not a perfect science. You won’t be able to thwart every cyber-attack ahead of time but much like the game of chess, implementing a good strategy will always swing the odds in your favour.

Srinivasan CR is senior vice president – Global Product Management and Data Centre Services at Tata Communications