Cybersecurity Lessons from Major Cyberattacks (Wannacry, NotPetya) [Infographic]

As a technology-dependent society, we out to learn from cybersecurity lessons from the past major cyberattacks to protect not only our assets but also our clients’ private information from any data breaches.

On May 12th, 2017, the WannaCry ransomware attack was an international buzzword. Beginning in Europe, the malware quickly took over the globe, demanding users’ money for return of seized data. Using information stolen from the U.S. National Security Agency (NSA), hackers attacked more than 200,000 machines worldwide, affecting different industries and businesses of all sizes.

Just a few weeks later, a new cyberattack emerged, hitting companies’ data worldwide, totally wiping it from hard drives. So how come after one major cyberattack of the year, some companies were still unprepared for what NotPetya had to bring?

Let’s take a look at the cybersecurity lessons learned from major cyberattacks after myriads of companies failed at protecting their assets.

An In-Depth Defense

An attack can come from anywhere, anytime. That’s why implementing extensive and multi-layered security measures to protect the organization’s critical data, ranging from customer data to private internal files, is a top priority for any business.

Exercising incident response plans is an effective practice that can bridge the gap between companies’ policies and practices. However, the only way to make sure practices match the intent of cybersecurity policies is for businesses to conduct regular staff training and test exercises, such as tabletop tests. Doing so will enable operational staff to get familiar with the incident response process.

Timely and Accurate Communication

Communication isn’t always about handling the media when the attack goes public. In the event of a cyber attack, keeping everyone involved on the same page is integral to a company’s reputation. Addressing such an incident internally early can and will help mitigate the effects of it and properly translate an incident into what actually needs to be done. A cyber incident response team must run an investigation to understand what part of information got compromised and to what extent did that affect the clients. Managing the crisis at hand and getting the facts right is the foundation of the ethics of communication.

Most companies that have been affected by a data breach agree: proper digital housekeeping can provide a lifeline during a cyber incident.

Proper Digital Housekeeping

Experts stress the fact that the database entry logs play an important role in investigating a cyber incident. Good data housekeeping can improve cyber incident response. Even though it’s so impactful, not all cybersecurity responders get it handed to them once the need arises. There are many organizations that neglect to update their logs and transfer them to an appropriate person, which will definitely interfere with an investigation.

Securing a Service Level Agreement (SLA)

For an effective response, having the right contract in place will allow timely access with SLAs to the information a company needs in the event of a cyber attack.

If your vendor is withholding some critical data, you must have a contractual means to fall back. Establishing SLA in advance will be your agreement with your provider, either external or internal, that outlines the services to be provided, the expected responsiveness, and performance measurement.