domingo, 12 de noviembre de 2017

Six months after #Wannacry

Six months ago, on May 12th, the world was shaken by Wannacry. It was not the first global cybersecurity incident but it was probably the one with the quickest contagion so far. There is a feeling that the crisis could be avoided with stricter updating procedures of the basic software. Certainly, there existed in some cases a problem with basic IT security as have been proved, but not all the causes for the crisis could be reduced to the lack of update of IT systems.

Or it could be better said that the lack of basic IT security measures were only the tip of the iceberg of bigger problems. Organisations have still to learn three basic lessons to protect themselves. Firstly, cybersecurity depends on technological mesaures as much as on organisational and behavioral change that promote prevention mesaures. Secondly, there is a lack of human resources within organisations with the needed cybersecurity knowledge. Last but not least, the legal framework neither oblige enough the companies to deploy protection measures nor deter the attackers.

In the EU we are beginning to see steps in that direction. There is the feeling that a ransomware case on a big scale could happen again, so the advices about how to react to those cases are frequent. However, structural measures are also promoted by European organizations, as the development by ETSI of standard procedures to implement the not so recently approved NIS Directive. Also in the political level the awareness is on the rise, and there is the intention to establish new alliances for mutual defense and funds to help on case of cybersecurity disaster.

Automatisation is key for the economic development and social well being. calls to embrace AI are given by cyber security specialist. With certain caution perhaps it is is time to believe that the mesaures are begining to be taken, the question is if we are acting quickly enough.

No hay comentarios:

Publicar un comentario

palyginti kainas