Forrester Principal Analyst Jeff Pollard explains the WannaCry ransomware attack and what it means to business and technology leaders as companies and institutions become increasingly under siege from cyberthreats.
Jeff Pollard, Principal Analyst
The threat spectrum has changed. Severe cyberthreats were the exception, and most institutions and companies could manage against the threat spectrum with a rational set of tools and processes. The motivations may well be similar enough — to make money, gain notoriety, get the thrill of disruption, or steal IP or secrets — but the professionalism of bad actors is changing the game and bringing cybersecurity to the front page and the CEO’s desk.
May 12, 2017 was another day of cyberinfamy based on malware, as hospitals and critical infrastructure providers were locked out of their machines due to ransomware dubbed WannaCry, which spread through corporate and government networks, paralyzing businesses and affecting patient care in the UK. The Shadow Brokers, which released the ransomware, took the extra step to monetize through Bitcoin, cybercurrency that complicates the ability of law enforcement across the globe.
WannaCry is one more piece of evidence telling us about this growing threat. As companies continue to digitize their business through the internet of things and artificial intelligence, the available attack surface and impact of hacks grows while the number of threats increases. Security as an afterthought is likely a self-inflicted (and near-fatal) wound for companies and institutions.
In this podcast, Jeff Pollard emphasizes how being ready to respond to an event such as ransomware is fundamentally different — and better — than reacting to one in real time. And that response is not patching or bringing systems back up but a cohesive, enterprisewide effort that considers customer data, customer experience, and brand among other factors. Whether employing a digital extortion decision tree for ransomware events or, more broadly, making tabletop response planning a common practice for any cyberthreat, companies and institutions need to ensure that they are ready to respond to an elevated threat spectrum.