The virus that has been impacting systems across the world this last week is known as “WannaCry”. This virus infiltrates an organisation and encrypts or locks files on servers preventing normal business operation. Very high profile organisations have been affected including: UK National Health Service (NHS), Telefonica among many others.
To guard against this and other similar attacks the following four areas need to be part of an organisations cyber controls:
- user awareness: cyber security awareness activity across all levels of the organisation;
- patch management: ensure that IT systems are regularly patched with security updates and that the culture exists within the organisation to assist IT in this activity;
- system backup and recovery: ensure that a formal backup of systems is in place with testing of recovery included; and
- firewall management: ensure that a firewall and vulnerability management solution is in place to allow for emails, websites and systems to be protected from malicious software such as ‘WannaCry’.
For a more in-depth analysis and more detailed technical view see our document. Please email firstname.lastname@example.org with any queries you have and we will revert in due course.