It is easy for the cybersecurity community to point fingers in the event of an attack and NTT Security has long advocated doing the basics in our previous Global Threat Intelligence Report. But it is incumbent on us all to take the threats seriously and collaborate to ensure that the risks are minimised. It is easy for us to say ‘patch your systems’ and ‘keep anti-virus up to date’ but this implies that the resources are available to test critical systems and applications.
The NHS has many systems – most of which are critical, if not life supporting. But until we all start to take these threats seriously and to embed cyber resilience into our systems and services at the outset, we will continue to see the impact of these threats escalate.
Businesses are focused on reducing costs and providing greater value (while trying to be compliant!), which is why they are focused on digital transformation. However, cyber resilience must be an essential part of this transformation process – not an afterthought. Upfront design and architecture along with continual review and testing will save considerable time and resources in recovering from a cyber attack. It is vitally important that we, as a cyber community, collaborate and take action. And if we don’t? The digital transformation that has increased global knowledge and social awareness will be undermined and the trust in our digital economy and the liberty it has provided us will be lost.
Ransomware and cyber criminals are not new and, at NTT Security, we continually prevent attacks affecting businesses. While the latest ransomware attack has seriously disrupted the health service and other industries, it has served as a call to action to all of us to do the basics and to spread the knowledge that these types of attacks don’t have to cause widespread disruption.
This attack can and should act as a catalyst to foster the sharing of best practice and to ensure that the countermeasures are achieved and, more importantly, tested regularly. The awareness of this attack, although shocking, should be leveraged to educate everyone that wants to continue to benefit from the digital economy and all the benefits this brings to business and our personal lives.
The business benefits of embedding cyber resilience into the digital transformation must be seen as an essential part of providing real business value and not by simply adding cost and slowing time to market. We are too often driven by these primary business drivers. And that is to be first to market or to reduce costs. The good news is that some businesses are changing this as cybersecurity becomes an important board issue. It has to be pervasive across all corners of the world though, or else we will continue to see these headlines.
CYBER ATTACK: New variant of 'WannaCry' virus is infecting 3,600 computers per HOUR