subscribe: Daily Newsletter

 

BT Security and the WannaCry attack

0 comments

Mark Hughes, CEO of BT Security, tenders this statement:

WannaCry brought to the front many of the issues we, security professionals have been highlighting for considerable time. It is not the first global attack, but it is unique in its scope and the way it spread.

Since the outbreak started, we have been advising our customers to follow these four basic steps to stay secure:

* Check you have the patch applied and running correctly across your global IT estate.

* Work closely with your AV vendors and Microsoft to ensure you have the latest virus protection available.

* Discover whether you have been infected, limit the spread as far as possible then neutralise to avoid the malware detonating.

* Isolate and roll-back. Contain the affected machines, clean them, then restore the data.

The fact our network and BT as a company were not compromised during the attack is down to several factors:

* An organisation (from the board level down) that understands the importance of Cyber Security and the investment necessary to deal with the risks, combined with an agile governance structure that can take decisive action at the pace of the incident.

* Regular refresh and upgrade of our IT estate (including Windows XP), based on cyber risk assessment regarding the need and urgency.

* Centrally managed patching and control: we have total understanding of our assets and can manage accordingly.

* A cohesive global response: within 1 hour of the malware becoming a global phenomenon we were utilising our Security Incident Management Process to understand how vulnerable we were and what additional action needed to be taken.

* Layered protection with up to date antivirus and better policies around email, which enabled us to be better prepared by blocking executables on the email proxy (reducing risk of phishing, which is likely the point of entry for this malware).

* Control and authentication of end point devices attaching to our networks, such as our corporate desktops and USB devices. And the encryption of data at rest.

* Connection to and partnering with a diverse array of industry & government bodies for sharing of intel and best practice.