One year on and the NHS is still recovering from WannaCry. The attack in May 2017 affected both public and private sector organisations all over the world.
The latest reports around cyber security have revealed that trust has been lost in the public sector since WannaCry and that protection is a priority moving forward.
Cyber Security Breaches Survey 2018
The Cyber Security Breaches Survey, released in April 2018, revealed that the WannaCry ransomware attack has undermined trust in the UK Government’s cyber security strategy.
In chapter three, when the private sector was asked about their “awareness of Government initiatives and communications “, interviewees gave mixed reactions regarding government advice on cyber security. One response included:
“I wouldn’t think of the Government as being necessarily cyber-savvy. Look at the NHS attack… You think the NHS is under the control of the Government, so the Government can’t be seen to be doing its own due diligence”.
Investigation: WannaCry cyber attack and the NHS
The latest research from the National Audit Office reveals that the “department was warned about the risks of cyber attacks on the NHS” one year before the WannaCry attack occurred. The Secretary of State for Health asked the National Data Guardian and CQC for recommendations on how to strengthen cyber protection. They suggested that the NHS take action by obtaining cyber security certification such as Cyber Essentials.
During the attack, 34 NHS trusts were infected and locked out of devices and 46 reported disruption. The ‘Investigation: WannaCry cyber attack and the NHS’ report highlights that the NHS has accepted that “there are lessons to learn” from the WannaCry attack and is already working on improvements.
The report states that protection is a priority across the public sector to protect services from future cyber attacks.
Protecting your organisation with Cyber Essentials
It is important that your organisation can show that it has taken basic precautions against cyber attacks.
If you are looking for a cyber security solution for your public sector organisation, Cyber Essentials certification will help you understand the basic principles of cyber security.
The controls put in place to achieve Cyber Essentials certification will protect your organisation from around 80% of common cyber attacks.