The outbreak of the “WannaCry” malware attack on May 12, 2017 was an eye-opener for governments, public sector institutions, businesses and individuals around the globe. The scale, reach, pace of spread and impact of the attack was unlike any other cyber-attack before. This may only be the beginning and possibly a wakeup call for organizations and netizens across the globe.
The WannaCry outbreak started on May 12, 2017. Malware encrypted documents on infected computers demanded a ransom to get the documents decrypted. The ransomware targeted organizations running on outdated Windows operating systems.
Scale and reach of the attack:
As of this writing, the spread of the ransomware is not yet contained and the financial impact and business loss is yet to be estimated. But initial reports suggested that within a day of the attack 3,000,000 computers from over 150 countries were affected. FedEx, National Health Service hospitals in the UK, Nissan Motors, Telefonica, Renault, and Deutsche Bahn were just a few of the noticeable names affected.
Impact on businesses:
The importance of data has been an important topic over the last few years. Big data is often touted as the most precious resource of our times. Critical decision making, day-to-day operations – the very existence of business – is dependent on data and this is exactly what was targeted in the attack. Holding data for ransom would disrupt the entire business operation. Telefonica is said to have asked its employees to turn off their computers to stop the spread of the malware. The attack has raised serious questions on the capability of firms to protect their data, data privacy, competence of current security systems and even the discipline in following security best practices and basic security hygiene.
IT procurement disruption:
The rising instances of cyberattacks will contribute to a rise in cybersecurity spending. Industry analysts estimated that cyber security spending in 2016 was $73.6 billion, and is set to touch $101.6 billion in 2020, but post-ransomware attacks these figures are likely to rise higher. It is interesting to note that even companies providing Managed Security Services were affected by WannaCry. All these factors will likely result in organizations rethinking their IT procurement strategy, with cybersecurity taking center stage when selecting vendors. There would be renewed interest in the vendors’ security systems as well.
More organizations will start partnering with Managed Security Services Providers (MSSPs) to tackle security threats. However, since even MSSPs were vulnerable to the ransomware attack, organizations will become choosier in picking their MSSP partners. We believe that organizations will opt for pure play security providers rather than multi-service providers, who typically have a lesser focus on security. Pure play MSSPs, with their focus on specific markets, regulatory requirements and niche offerings like advanced threat detection technologies, clearly stand apart from their competitors. Contracts may start to include stringent clauses on penalties levied against MSSPs, in case the customer faces security violations. Also, contract tenures will reduce, given the fact that security threats are dynamic and contract terms and services provided will be reviewed and renewed periodically. At the same time, enterprises will likely prefer service providers who can leverage predictive analytics techniques to proactively detect and evade cyber-attacks. They may even be willing to stretch their security budgets to achieve these targets.
In short, the WannaCry attacks were an eye opener, and more attacks of similar nature and scale are almost guaranteed. Organizational spend on cybersecurity is expected to shoot up, but service providers need to up their game to tap into this opportunity. Service providers can expect significant disruption, contractual requirements will get more stringent, contract models will evolve from being long-term fixed price to short-term, variable-based pricing models.