Failure to act on security advice and warnings is unforgivable and is why the WannaCry attack was so successful in bringing a halt to the UK health system.
Unaware. Ill-informed. These are all words that can describe the NHS and Department of Health in relation to the WannaCry attacks that crippled not only the UK’s health and medical services, but other major organizations around the world back in May 2017.
A National Audit Office (NAO) investigation into the attack found that the NHS could have avoided the ransomware outbreak had it followed “basic IT security”. The NAO revealed that 19,500 medical appointments were cancelled, computers at 600 GP surgeries were locked and five hospitals had to divert ambulances elsewhere. With such critical data stored within the NHS systems, it is unforgiving to discover that basic IT security measures were neglected, especially when you considered the aggressive nature of the current cyber climate.
This year has seen some of the most disruptive and costly cyber attacks ever, with the likes of NotPetya, WannaCry and BadRabbit (which hit last week) all causing mayhem to enterprises and state services globally. Hackers show no remorse for their victims or care for what data is being exploited; if the data is valuable, it is a target. This rogue mentality is dangerous and leaves everyone equally vulnerable.
If that harsh truth doesn’t send shivers up the spine of board level executives, then maybe the cost of a data breach will. The 2017 IBM Cost of a Data Breach Study conducted by Ponemon Institute found that the global average cost of a data breach $3.62 million. The study also found that the average cost for each lost or stolen record containing sensitive and confidential information stands at $141. It’s also alarming to hear that the average size of the data breach has increased 1.8 percent to more than 24,000 records. Factor in the damage done to the enterprises reputation and the threat of liquidation or bankruptcy becomes extremely real.
It is common knowledge that the rate of cyber attacks is increasing, with hackers finding more creative and harmful ways to expose any flaw available. This simple reason is why the key decision makers need to avoid burying their heads in the sand in hope the problem goes away. It is time to take security seriously.
Last year, more than one billion records were compromised by cyber attacks. With more companies moving to the cloud, that number is likely to increase. Here's how to identify the biggest risks to your cloud data and what to do about them. Read more