The WannaCry ransomware attack in May 2017 crippled the UK’s National Health Service (NHS) and disrupted a range of organizations across 150 countries. Despite being a relatively unsophisticated attack, WannaCry was able to make such a global impact due to preventable vulnerabilities that had largely gone unaddressed. There were many more attacks in 2017, including high-profile breaches at Uber and Equifax, where heeding cyber-security recommendations may have reduced the impact and fallout.
The scale and sophistication of cyber-attacks is not slowing down – ranging from phishing scams to cryptocurrency-based cyber attacks, to state-sponsored attacks on industrial control systems.
These attacks present an ever growing challenge and serve as a reminder that organizations cannot afford to be complacent in the face of cyber threats. We’re living in a time when cyberattacks are a matter of when, not if, and security professionals must focus on mitigating their extent and damage.