London, England, 8 May 2018 – The WannaCry ransomware attack that crippled the NHS and infected more than 200,000 computers in 150 countries has not translated into action at many organisations. According to a Tanium survey of 500 frontline IT security workers in the U.K, one third (36%) of respondents admitted there was panic immediately after the WannaCry attack, but nothing has changed since.
The findings show that two fifths (40%) admit their organisation is more exposed than they were a year ago. Whilst, just 31% state their organisation has invested in a new security solution since WannaCry, despite their boards claiming to have placed more importance on IT security since the attack.
Major issues highlighted in the research include:
Critical Actions Have Not Been Taken
UK firms responded immediately after the attack, reviewing existing security systems (62%) and redefining the process for reacting to security incidents (38%). However, it seems that immediate concern did not translate into long-term action.
Businesses are still struggling with basic systems management tasks, such as patching, which are critical to preventing future attacks. According to the study, more than sixty percent (66%) of respondents admitted that they haven’t improved their patch management process since the WannaCry attack.
For many survey respondents, the need to innovate quickly is causing them to compromise on their security practices as well. In fact, one in five stated their cyber practices haven’t changed as other IT initiatives had to take priority. Lack of budget was also cited by almost a quarter (23%) of respondents as a factor holding them back from implementing the cybersecurity technology and policies.
Matt Ellard, Vice President, EMEA at Tanium, explains: “It’s genuinely concerning that U.K. organisations claim to have learnt lessons from WannaCry but are struggling to take actions to stop a similar attack from happening again.
The attack, which grabbed headlines all over the world, should have been a wake-up call for businesses to get their houses in order. However, legacy systems and architecture, fear of patching, fragmentation of point solutions, limited budgets and silos that exist within the IT operations and security teams are still leaving UK firms vulnerable to attack.”
The Accountability Gap
Almost half (42%) of the frontline IT workers surveyed believe their senior leadership team fails to realise how exposed their companies are to cyber threats. Whilst over a quarter (28%) say their organisation prioritises client entertainment and employee welfare initiatives such as Christmas parties. In fact, 43% say they struggle to get funding for urgent cybersecurity projects. This has led one in 10 to admit they are not confident their organisation could immediately respond to or recover from another WannaCry-style attack.
Ellard concludes: “We’ve seen countless breaches in the last 12 months and businesses need stronger resilience to fight future threats. Having clear visibility of all of the endpoints across the network and being able to act on this in real-time is crucial to fighting off cyber-attacks and safeguarding future business.
Businesses can no longer afford to overlook the scale of the threats they face and the IT operations and security teams need to bridge the accountability gap to protect the network, company and customer data.”
For more information, visit https://www.tanium.com/.
Tanium offers a unified endpoint management and security platform that is built for the world’s most demanding IT environments. Many of the world’s largest and most sophisticated organizations, including more than half of the Fortune 100, top retailers and financial institutions, and four branches of the US Armed Forces rely on Tanium to make confident decisions, operate efficiently and effectively, and remain resilient against disruption. Tanium ranks 7th on the Forbes list of “Top 100 Private Companies in Cloud Computing” for 2019 and 10th on FORTUNE’s list of the “100 Best Medium Workplaces.” Visit us at www.tanium.com and follow us on LinkedIn and Twitter.
Tanium’s statements regarding its plans, directions and intent are subject to change or withdrawal without notice at Tanium’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. Information about potential future products may not be incorporated into any contract. The information mentioned regarding potential future products is not a commitment, promise or legal obligation to deliver any material, code or functionality. The development, release and timing of any future features or functionality described for our products remains at our sole discretion.
+44 7909 525099
Brands2Life, for Tanium
+1 (415) 610 7500