Why Enterprise Security Needs a New Focus (DarkReading)


WannaCry appeared to be the catastrophic global cybersecurity breach we’ve long been expecting, but despite the damage caused, the full possible magnitude of the threat was never realized.

True, the ransomware worm infected 200,000 computers in over 150 countries — causing issues for organizations as diverse as FedEx, the UK’s National Health Service, and Russia’s interior ministry — but it could have been so much worse without the almost accidental triggering of the kill switch.

The most disturbing aspect of WannaCry was the speed with which it spread, and the failure that allowed this to happen was human and organizational in addition to technological. Despite Europol director Rob Wainwright’s advice for enterprises to “patch before Monday,” the rapid proliferation of the ransomware illustrates why patching — and any solution that focuses on defending network perimeters — isn’t enough to combat the threat from cybercriminals.