Thoughts from GovWare 2017: Lessons Learned from Ransomware Outbreaks
This week I had the pleasure of speaking at Singapore’s GovWare 2017 in a session entitled ‘WannaCry’s Trajectory and Tomorrow’s Ransomware.’ This talk focused broadly on the lessons learned from the global WannaCry ransomware outbreak. While experienced security professionals know there is always a new threat coming, ransomware challenges enterprise networks in new ways – from human points of failure to the layering of security and mitigation software.
Cybersecurity shifted to the physical realm earlier this year with its effects felt in life-and-death situations. WannaCry left patients stranded in Jakarta when a hospital couldn’t access their medical records and severely disrupted the UK’s National Health Service. Another global attack, Petya/NotPetya, shut down the radiation monitoring systems of the Chernobyl nuclear power plant in Ukraine and forced Maersk, a major global shipping company, to revert to alternate processes, causing significant delays. Indiscriminate in their targets, the attacks also disrupted a range of industries and halted everything from assembly lines and global shipments to important government services.
It is clear from these examples that sophisticated hackers are increasing the number of cyberattacks on commercial companies and private institutions. By targeting commercial networks, attackers threaten the critical services we rely on and our underlying stability, creating the potential for a global security crisis. We know that many CISOs are tired of hearing vendors say “our solution would have protected you,” when in fact the situation is far more complex. As we’ve learned from WannaCry and Petya/NotPetya, these crises often arise out of a well-known challenge: timely patch management (or the lack thereof). Understanding the combination of technology and process issues is key to understanding how to safeguard organizations.
With more than 85 percent of the networks, devices, and infrastructure of the internet in commercial hands, the future of the internet is dependent on commercial companies elevating their security and resiliency. The recent global cyberattacks exemplify a new dimension of global security – one that puts the commercial and private sectors on the front lines. Simply put, these attacks are a wake-up call. We have entered a new era when business leaders must evaluate their companies’ exposure to risk through a broader security lens, something that doesn’t always come naturally to CEOs and corporate boards.
From our vantage point, the commercial sector is still significantly underprepared. Few boards fully understand their exposure to cyber risk despite the growing attack surface area and vulnerabilities in today’s organizational environment. Besides accidental or malicious insiders, the modern business network exposes organizations to a variety of threats, be it compromised partners in the network, unsecured Internet of Things devices, shadow IT, or the growing trend of BYOD. For more on how commercial boards can better prepare against security threats, I invite you to read this article from our CEO, Matthew Moynahan, and the CEO of Raytheon, Tom Kennedy.