SlideShare a Scribd company logo

Cybersecurity After WannaCry: How to Resist Future Attacks

Strategy&, a member of the PwC network
Strategy&, a member of the PwC network

A few key habits and attributes can help protect companies from ransomware -- now and going forward.

Technology
1 of 5
Download to read offline
www.strategy-business.com strategy+business ONLINE MAY 16, 2017 Cybersecurity after WannaCry: How to Resist Future Attacks A few key habits and attributes can help protect companies from ransomware — now and going forward. BY DAVID BURG AND SEAN JOYCE
www.strategy-business.com 1 legedly from the National Security Agency by an anony- mous group called Shadow Brokers). Similar documents (allegedly originally from the Central Intelligence Agen- cy) were published by WikiLeaks in March 2017, and there will probably be more such leaks, not just in the U.S. and Europe, but in countries around the world. Ev- ery breach will empower independent actors with tools heretofore held by governments. Ransom, blackmail, surveillance, shutdown, and data manipulation are all more feasible than they were only a few months ago. All companies and organizations must now ask themselves the same question, whether they were af- fected by WannaCry or not: How can we protect our- selves from similar attacks in the future? Here are five key factors that separate vulnerable companies from more resilient enterprises. 1. Robust digital hygiene. The WannaCry event highlights the importance of vigilant IT management: staying up to date with technological advances. Micro- soft released its patch for WannaCry’s Windows vulner- ability in March 2017. Companies that promptly in- stalled it were protected, while many of the hardest-hit companies were using outdated operating system soft- ware and even pirated software. Robust hygiene also involves rigorous backup practices. For example, don’t just back up your company’s data. Test the backups regularly. Secure them so they are separate from your T he ransomware attack known as WannaCry first struck on Friday, May 12, 2017, and by the following Monday, it had reached more than 200,000 computers in 150 countries. Although we still don’t know all the details, it’s clear that some organiza- tions were victimized far more severely than others. The news of this episode reinforces a view that we at PwC have promoted for a long time: Effective protection against cyber-attacks has less to do with any particular technological factor, and everything to do with proac- tive risk management in general. Like all ransomware, WannaCry damages compa- nies in two ways. First, it costs the organization to re- cover the documents that the algorithm has encrypted. Second, even if the ransom payment is small — and there’s no guarantee that future ransomers will limit theirs, as was the case with the WannaCry fee, to US$300 in bitcoin — the costs of coping can be im- mense. Research conducted by PwC found that most ransomware incidents resulted in hours of downtime or networks taken offline for up to 10 days. Moreover, the attackers still hold any proprietary data they picked up. They can sell it or release it publicly, even after the tar- geted company has paid a ransom. We expect there will be more attacks because the techniques and exploits used to distribute WannaCry were only recently leaked to the world in April 2017 (al- Cybersecurity after WannaCry: How to Resist Future Attacks A few key habits and attributes can help protect companies from ransomware — now and going forward. by David Burg and Sean Joyce
www.strategy-business.com 2 systems accordingly. Pay particular attention to your information supply chain: Which vendors, suppliers, and partners have access to your data, and what are they doing to secure it? Rethink your authentication and security controls; for example, introduce two- factor authentication, in which a password must be combined with biometrics, tokens, or some other authentication factor. 4. Advance planning and rehearsal. In the same way that you have developed advance plans for floods, fires, and other emergencies, prepare for cyber-attacks before they occur. The plans should specify how you will re- spond if there is an attack, and who will be accountable for which aspect. (For example, who will head up the information chain that notifies customers if their credit card information is stolen — the chief risk officer, the chief information security officer, or someone else?) To prepare for ransomware attacks, set up a decision ma- trix. Who will retrieve the information from a backup? Who will communicate with the data kidnappers? Un- der what last-resort circumstances — for example, a threat to life — might you be forced to pay the ransom? Think through all of this in advance and rehearse your responses. If a crisis does occur, you will already know what to do. 5. Early adoption of cloud technology. Cloud-based systems are updated easily and automatically in one lo- other systems or networks; otherwise, they will be cor- rupted as well. 2. The ability to detect intrusive behavior. Human error is still the most prevalent means of gaining access to proprietary information. Employees often unwitting- ly expose data to a cyber threat actor through a fraudu- lent email or other socially engineered techniques, thereby giving hackers access to passcodes or other means of entry. Organizations with effective risk man- agement practices rarely release sensitive information to outsiders inadvertently. They are particularly protective of administrative accounts and other privileged infor- mation; they make it extremely difficult to obtain the kind of data that would allow someone to take over a system. They are also attuned to detection, learning to recognize the keystroke behavior common to intruders and isolate it in real time. The one thing they share openly is the data about the intruders they detect; col- laboration among security professionals from a wide range of organizations is one of the best defenses against cybercrime activity. 3. Thoughtful design of IT infrastructure. Every company has its own most valuable information assets: critically important intellectual property, proprietary customer-related data, financial data, and other strate- gically valuable insights. These must be protected dif- ferently from other information assets. Design your David Burg david.burg@pwc.com is a principal in the PwC US advisory practice. He is PwC’s global and U.S. cybersecurity leader. Sean Joyce sean.joyce@pwc.com is a principal in the PwC US advisory practice. He leads the firm’s cybercrime unit, focusing on cybersecurity, anti-money laundering, fraud, and anti- bribery/anti-corruption. Previ- ously, he was deputy director with the U.S. Federal Bureau of Investigation. Also contributing to this article were PwC US partner Thomas Archer, PwC UK partner Kris McConkey, and PwC US directors Adam Malone and Mark Ray.
www.strategy-business.com 3 cation, accumulate data in real time about attacks and intrusions, and incorporate built-in constraints that separate software layers and block intrusive software from reaching fruition. This gives them an edge over systems that rely on computers on the premises. It may also be relatively difficult for intruders to exploit holes in cloud-based architecture. For example, in late April 2017, Google blocked a spear phishing attack (an at- tempted use of targeted email to get people to send com- promising information); the cloud-based aspects of Gmail software enabled it to rapidly identify and isolate the intruding malware. Of course, even if you have these five attributes in place, you cannot be complacent. The most effective companies have focused on developing their cybersecu- rity acumen. New ways of approaching your computer systems will become a way of life: preventing intrusion; preparing for your response (including separating your backups from your network); detaching your backups from the rest of your activity; responding rapidly and effectively to intrusions when they occur; recovering, if necessary, with measures you have put in place ahead of time; and building resiliency. When these activities have become ingrained in your company, then your prowess at managing cyber risks becomes a strategic as- set. If you can do that, you can also master many of the other management challenges in our increasingly com- plex business environment. +
strategy+business magazine is published by certain member firms of the PwC network. To subscribe, visit strategy-business.com or call 1-855-869-4862. • strategy-business.com • facebook.com/strategybusiness • linkedin.com/company/strategy-business • twitter.com/stratandbiz Articles published in strategy+business do not necessarily represent the views of the member firms of the PwC network. Reviews and mentions of publications, products, or services do not constitute endorsement or recommendation for purchase. © 2017 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. Mentions of Strategy& refer to the global team of practical strategists that is integrated within the PwC network of firms. For more about Strategy&, see www.strategyand.pwc.com. No reproduction is permitted in whole or part without written permission of PwC. “strategy+business” is a trademark of PwC.

Recommended

Threat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperThreat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperDuncan Hart
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapDominic Vogel
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationNexon Asia Pacific
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureLee Dalton
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseWilliam McBorrough
 

Recommended

Threat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperThreat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperDuncan Hart
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapDominic Vogel
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationNexon Asia Pacific
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureLee Dalton
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseWilliam McBorrough
 
Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018Sanjana Khound
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutionsJonny Nässlander
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks- Mark - Fullbright
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
CTI Report
CTI ReportCTI Report
CTI ReportAlex Deac
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress NycBob Maley
 
140707_Cyber-Security
140707_Cyber-Security140707_Cyber-Security
140707_Cyber-SecurityTara Gravel
 
Challenging Insecurity: A Roadmap to Cyber Confidence
Challenging Insecurity: A Roadmap to Cyber ConfidenceChallenging Insecurity: A Roadmap to Cyber Confidence
Challenging Insecurity: A Roadmap to Cyber ConfidenceS-RM Risk and Intelligence Consulting
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEMJoseph DeFever
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
Adopting Intelligence-Driven Security
Adopting Intelligence-Driven SecurityAdopting Intelligence-Driven Security
Adopting Intelligence-Driven SecurityEMC
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITEnvision Technology Advisors
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challengemsdee3362
 
What Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityWhat Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityReading Works Detroit
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 
Research Paper
Research PaperResearch Paper
Research PaperBrian Kasha
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 
Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & SécuritéTechnofutur TIC
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 

More Related Content

What's hot

Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018Sanjana Khound
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks- Mark - Fullbright
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress NycBob Maley
 
140707_Cyber-Security
140707_Cyber-Security140707_Cyber-Security
140707_Cyber-SecurityTara Gravel
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEMJoseph DeFever
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
Adopting Intelligence-Driven Security
Adopting Intelligence-Driven SecurityAdopting Intelligence-Driven Security
Adopting Intelligence-Driven SecurityEMC
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challengemsdee3362
 
What Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityWhat Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityReading Works Detroit
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsAbdul-Hakeem Ajijola
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 

What's hot (20)

Cyber security master class 2018
Cyber security master class 2018Cyber security master class 2018
Cyber security master class 2018
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
Before the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracksBefore the Breach: Using threat intelligence to stop attackers in their tracks
Before the Breach: Using threat intelligence to stop attackers in their tracks
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
CTI Report
CTI ReportCTI Report
CTI Report
 
2010 Sc World Congress Nyc
2010 Sc World Congress Nyc2010 Sc World Congress Nyc
2010 Sc World Congress Nyc
 
140707_Cyber-Security
140707_Cyber-Security140707_Cyber-Security
140707_Cyber-Security
 
Challenging Insecurity: A Roadmap to Cyber Confidence
Challenging Insecurity: A Roadmap to Cyber ConfidenceChallenging Insecurity: A Roadmap to Cyber Confidence
Challenging Insecurity: A Roadmap to Cyber Confidence
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEM
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
Adopting Intelligence-Driven Security
Adopting Intelligence-Driven SecurityAdopting Intelligence-Driven Security
Adopting Intelligence-Driven Security
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of IT
 
DBryant-Cybersecurity Challenge
DBryant-Cybersecurity ChallengeDBryant-Cybersecurity Challenge
DBryant-Cybersecurity Challenge
 
What Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityWhat Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in Cybersecurity
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
 

Similar to Cybersecurity After WannaCry: How to Resist Future Attacks

Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1
 
Cyber Client Alert
Cyber Client AlertCyber Client Alert
Cyber Client AlertGraeme Cross
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxAbimbolaFisher1
 
What Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultWhat Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultSOCVault
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
threat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperthreat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperRudy Piekarski
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrimethinkwithniche
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman
 
56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docxalinainglis
 
What's behind a cyber attack
What's behind a cyber attackWhat's behind a cyber attack
What's behind a cyber attackAndreanne Clarke
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowDharmendra Rama
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 

Similar to Cybersecurity After WannaCry: How to Resist Future Attacks (20)

Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & Sécurité
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
 
Cyber Client Alert
Cyber Client AlertCyber Client Alert
Cyber Client Alert
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
 
What Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVaultWhat Is Cyber Threat Intelligence | How It Work? | SOCVault
What Is Cyber Threat Intelligence | How It Work? | SOCVault
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
threat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperthreat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaper
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx
 
Retail
Retail Retail
Retail
 
What's behind a cyber attack
What's behind a cyber attackWhat's behind a cyber attack
What's behind a cyber attack
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
DarkWeb
DarkWebDarkWeb
DarkWeb
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 

More from Strategy&, a member of the PwC network

More from Strategy&, a member of the PwC network (20)

The seven stages of strategic leadership
The seven stages of strategic leadershipThe seven stages of strategic leadership
The seven stages of strategic leadership
 
Organizational effectiveness goes digital
Organizational effectiveness goes digital Organizational effectiveness goes digital
Organizational effectiveness goes digital
 
Winning with a data-driven strategy
Winning with a data-driven strategyWinning with a data-driven strategy
Winning with a data-driven strategy
 
Automating trust with new technologies
Automating trust with new technologiesAutomating trust with new technologies
Automating trust with new technologies
 
Facing up to the automotive innovation dilemma
Facing up to the automotive innovation dilemmaFacing up to the automotive innovation dilemma
Facing up to the automotive innovation dilemma
 
The Four X Factors of Exceptional Leaders
The Four X Factors of Exceptional LeadersThe Four X Factors of Exceptional Leaders
The Four X Factors of Exceptional Leaders
 
What is fair when it comes to AI bias?
What is fair when it comes to AI bias?What is fair when it comes to AI bias?
What is fair when it comes to AI bias?
 
Chinese cars go global
Chinese cars go globalChinese cars go global
Chinese cars go global
 
Power strategies
Power strategiesPower strategies
Power strategies
 
Tomorrow's Data Heros
Tomorrow's Data HerosTomorrow's Data Heros
Tomorrow's Data Heros
 
Is AI the Next Frontier for National Competitive Advantage?
Is AI the Next Frontier for National Competitive Advantage?Is AI the Next Frontier for National Competitive Advantage?
Is AI the Next Frontier for National Competitive Advantage?
 
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
 
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
Memo to the CEO: Is Your Chief Strategy Officer Set Up for Success?
 
HQ 2.0: The Next-Generation Corporate Center
HQ 2.0: The Next-Generation Corporate CenterHQ 2.0: The Next-Generation Corporate Center
HQ 2.0: The Next-Generation Corporate Center
 
Keeping Cool under Pressure
Keeping Cool under PressureKeeping Cool under Pressure
Keeping Cool under Pressure
 
The Flywheel Philosophy
The Flywheel PhilosophyThe Flywheel Philosophy
The Flywheel Philosophy
 
Leading a Bionic Transformation
Leading a Bionic TransformationLeading a Bionic Transformation
Leading a Bionic Transformation
 
Why Is It So Hard to Trust a Blockchain?
Why Is It So Hard to Trust a Blockchain?Why Is It So Hard to Trust a Blockchain?
Why Is It So Hard to Trust a Blockchain?
 
The Future of Artificial Intelligence Depends on Trust
The Future of Artificial Intelligence Depends on TrustThe Future of Artificial Intelligence Depends on Trust
The Future of Artificial Intelligence Depends on Trust
 
Approaching Diversity with the Brain in Mind
Approaching Diversity with the Brain in MindApproaching Diversity with the Brain in Mind
Approaching Diversity with the Brain in Mind
 

Recently uploaded

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Recently uploaded (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Cybersecurity After WannaCry: How to Resist Future Attacks

  • 1. www.strategy-business.com strategy+business ONLINE MAY 16, 2017 Cybersecurity after WannaCry: How to Resist Future Attacks A few key habits and attributes can help protect companies from ransomware — now and going forward. BY DAVID BURG AND SEAN JOYCE
  • 2. www.strategy-business.com 1 legedly from the National Security Agency by an anony- mous group called Shadow Brokers). Similar documents (allegedly originally from the Central Intelligence Agen- cy) were published by WikiLeaks in March 2017, and there will probably be more such leaks, not just in the U.S. and Europe, but in countries around the world. Ev- ery breach will empower independent actors with tools heretofore held by governments. Ransom, blackmail, surveillance, shutdown, and data manipulation are all more feasible than they were only a few months ago. All companies and organizations must now ask themselves the same question, whether they were af- fected by WannaCry or not: How can we protect our- selves from similar attacks in the future? Here are five key factors that separate vulnerable companies from more resilient enterprises. 1. Robust digital hygiene. The WannaCry event highlights the importance of vigilant IT management: staying up to date with technological advances. Micro- soft released its patch for WannaCry’s Windows vulner- ability in March 2017. Companies that promptly in- stalled it were protected, while many of the hardest-hit companies were using outdated operating system soft- ware and even pirated software. Robust hygiene also involves rigorous backup practices. For example, don’t just back up your company’s data. Test the backups regularly. Secure them so they are separate from your T he ransomware attack known as WannaCry first struck on Friday, May 12, 2017, and by the following Monday, it had reached more than 200,000 computers in 150 countries. Although we still don’t know all the details, it’s clear that some organiza- tions were victimized far more severely than others. The news of this episode reinforces a view that we at PwC have promoted for a long time: Effective protection against cyber-attacks has less to do with any particular technological factor, and everything to do with proac- tive risk management in general. Like all ransomware, WannaCry damages compa- nies in two ways. First, it costs the organization to re- cover the documents that the algorithm has encrypted. Second, even if the ransom payment is small — and there’s no guarantee that future ransomers will limit theirs, as was the case with the WannaCry fee, to US$300 in bitcoin — the costs of coping can be im- mense. Research conducted by PwC found that most ransomware incidents resulted in hours of downtime or networks taken offline for up to 10 days. Moreover, the attackers still hold any proprietary data they picked up. They can sell it or release it publicly, even after the tar- geted company has paid a ransom. We expect there will be more attacks because the techniques and exploits used to distribute WannaCry were only recently leaked to the world in April 2017 (al- Cybersecurity after WannaCry: How to Resist Future Attacks A few key habits and attributes can help protect companies from ransomware — now and going forward. by David Burg and Sean Joyce
  • 3. www.strategy-business.com 2 systems accordingly. Pay particular attention to your information supply chain: Which vendors, suppliers, and partners have access to your data, and what are they doing to secure it? Rethink your authentication and security controls; for example, introduce two- factor authentication, in which a password must be combined with biometrics, tokens, or some other authentication factor. 4. Advance planning and rehearsal. In the same way that you have developed advance plans for floods, fires, and other emergencies, prepare for cyber-attacks before they occur. The plans should specify how you will re- spond if there is an attack, and who will be accountable for which aspect. (For example, who will head up the information chain that notifies customers if their credit card information is stolen — the chief risk officer, the chief information security officer, or someone else?) To prepare for ransomware attacks, set up a decision ma- trix. Who will retrieve the information from a backup? Who will communicate with the data kidnappers? Un- der what last-resort circumstances — for example, a threat to life — might you be forced to pay the ransom? Think through all of this in advance and rehearse your responses. If a crisis does occur, you will already know what to do. 5. Early adoption of cloud technology. Cloud-based systems are updated easily and automatically in one lo- other systems or networks; otherwise, they will be cor- rupted as well. 2. The ability to detect intrusive behavior. Human error is still the most prevalent means of gaining access to proprietary information. Employees often unwitting- ly expose data to a cyber threat actor through a fraudu- lent email or other socially engineered techniques, thereby giving hackers access to passcodes or other means of entry. Organizations with effective risk man- agement practices rarely release sensitive information to outsiders inadvertently. They are particularly protective of administrative accounts and other privileged infor- mation; they make it extremely difficult to obtain the kind of data that would allow someone to take over a system. They are also attuned to detection, learning to recognize the keystroke behavior common to intruders and isolate it in real time. The one thing they share openly is the data about the intruders they detect; col- laboration among security professionals from a wide range of organizations is one of the best defenses against cybercrime activity. 3. Thoughtful design of IT infrastructure. Every company has its own most valuable information assets: critically important intellectual property, proprietary customer-related data, financial data, and other strate- gically valuable insights. These must be protected dif- ferently from other information assets. Design your David Burg david.burg@pwc.com is a principal in the PwC US advisory practice. He is PwC’s global and U.S. cybersecurity leader. Sean Joyce sean.joyce@pwc.com is a principal in the PwC US advisory practice. He leads the firm’s cybercrime unit, focusing on cybersecurity, anti-money laundering, fraud, and anti- bribery/anti-corruption. Previ- ously, he was deputy director with the U.S. Federal Bureau of Investigation. Also contributing to this article were PwC US partner Thomas Archer, PwC UK partner Kris McConkey, and PwC US directors Adam Malone and Mark Ray.
  • 4. www.strategy-business.com 3 cation, accumulate data in real time about attacks and intrusions, and incorporate built-in constraints that separate software layers and block intrusive software from reaching fruition. This gives them an edge over systems that rely on computers on the premises. It may also be relatively difficult for intruders to exploit holes in cloud-based architecture. For example, in late April 2017, Google blocked a spear phishing attack (an at- tempted use of targeted email to get people to send com- promising information); the cloud-based aspects of Gmail software enabled it to rapidly identify and isolate the intruding malware. Of course, even if you have these five attributes in place, you cannot be complacent. The most effective companies have focused on developing their cybersecu- rity acumen. New ways of approaching your computer systems will become a way of life: preventing intrusion; preparing for your response (including separating your backups from your network); detaching your backups from the rest of your activity; responding rapidly and effectively to intrusions when they occur; recovering, if necessary, with measures you have put in place ahead of time; and building resiliency. When these activities have become ingrained in your company, then your prowess at managing cyber risks becomes a strategic as- set. If you can do that, you can also master many of the other management challenges in our increasingly com- plex business environment. +
  • 5. strategy+business magazine is published by certain member firms of the PwC network. To subscribe, visit strategy-business.com or call 1-855-869-4862. • strategy-business.com • facebook.com/strategybusiness • linkedin.com/company/strategy-business • twitter.com/stratandbiz Articles published in strategy+business do not necessarily represent the views of the member firms of the PwC network. Reviews and mentions of publications, products, or services do not constitute endorsement or recommendation for purchase. © 2017 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. Mentions of Strategy& refer to the global team of practical strategists that is integrated within the PwC network of firms. For more about Strategy&, see www.strategyand.pwc.com. No reproduction is permitted in whole or part without written permission of PwC. “strategy+business” is a trademark of PwC.