This past weekend marked the one year anniversary of the WannaCry ransomware attack that hit over 200,000 computers in 150 countries, temporarily crippling organizations from government to healthcare, retail, financial services, manufacturing, and many more.
Where were you? I remember I was on a plane home to California from the UK that weekend, and the jet lag and time differences highlighted industry reaction as news followed the attack's migration globally:
Matt Cauthorn, VP of Security for ExtraHop, recently spoke with CIO Dive to talk about the first anniversary of WannaCry, reflect on what went so badly wrong, and how organizations have evolved over the last year in response to the threat.
It's only a possibility the tech industry learned its lesson from WannaCry last year, Cauthorn said. However, at the very least organizations have gained a greater awareness of "entrenched dependencies [on] specific software or technology approaches" and how they expose companies to further risk.
We're seeing a renewed interest in governance and risk management to oversee technology changes—from container adoption to new encryption standards—and WannaCry and its derivatives over the last year help remind us of the need for ongoing security hygiene and investment.
To read more, visit CIO Dive.
If you're a security professional looking to make sure your SOC is proactive enough to handle the next WannaCry, don't miss our webinar on action-oriented security with ESG analyst Jon Oltsik: Register for A Bias for Action: Security Analytics for the Advanced SOC.