Getting cyber security math right is key to preventing ransomware attacks

Davey Winder hits the nail on the head here. We’ve got to get used to living with attacks because what we currently do isn’t going to fix the problem…:

[…] What I’m saying here, to finally get to the point, is simply this: ransomware attacks against healthcare are here to stay. Which means everyone has to get better at preventing a targeted attack from becoming a successful one.

I’m sure that, with the benefit of time when the recovery process dust has settled, we’ll get a better insight into what went wrong to allow Conti to deal such damage in the Irish HSE case. What I’m not going to do is try and pre-empt the inevitable enquiry and map out the threat map with likely entry point markers. Doing so accomplishes nothing: everyone involved with cybersecurity already knows the most common attack methodologies, the weaknesses are not going to be a surprise to anyone.


Original article