WannaCry: 25% Add Cybersecurity to Boardroom Agenda

A quarter of business decision makers have added cybersecurity to their boardroom agenda after the devastating WannaCry ransomware campaign which infected more than 200,000 organizations and private individuals in over 150 countries, including the UK’s National Health Service (NHS).

That’s according to a report by data protection company ClearSwift, which surveyed over 600 business decision makers (BDMs) and 1,200 employees from the UK, US, Germany and Australia.

Research firm Vanson Bourne asked business decision makers how the cyber-attack had affected their organization. Twenty-nine percent of BDMs said that their organization was considering implementing stronger security features as a result of the attack, 24% said that employees in their organization were asked to change all of their passwords and 18% said that they mandated better cybersecurity knowledge across the company.

Of the BDMs surveyed, 17% said their organization was directly affected by the WannaCry, and 27% said their organization’s suppliers were affected by the cyber-attack.

Many of the business decision makers have been personally working on areas to help improve cybersecurity within their businesses following the attack. Further, 41% of BDMs said they were making sure that their organization implements better security measures, while more than a third said they’ve either been reading more about cybersecurity or learning more about cybersecurity through formal courses, training or accreditation.

Others have asked for advice from people within their organization (22%) or from a friend or family member (10%) – while some have escalated the topic to the board (17%).

Of some concern, was that 7% said they hadn’t and would not take any action following the global cyber-attack – perhaps because they believe they already have the correct security measures in place. This was more of a case in the UK than in the US, Australia or Germany, where 14% of BDMs said they wouldn’t take any action. A further 3% of all BDMs across the four countries haven’t taken any action yet, but plan to.

Those in the UK were also less likely than those in the US, Australia and Germany to change their passwords, read more about cybersecurity or even ask their company for advice. The US (49%) proved most likely to action change, followed by Australia (43%), Germany (37%) and then the UK (35%). This was particularly surprising considering that the NHS was one of the main organizations hit by the attack.

Meanwhile a total of 58% of BDMs believe that their organisation is either likely to or definitely will, suffer a cyber-attack in the next few months. Only a third (34%) said it was unlikely, while 8% said they didn’t know.  

What’s Hot on Infosecurity Magazine?