Most large companies will get impacted by stuff like this due to a lack of rigorous patching, poor firewall hygiene, ongoing use of old equipment, poor user education, and other generally poor security practices.
Anyone running XP is asking for it. There should be laws preventing medical facilities and other critical infrastructure from running XP, or other unsupported software, whether public or private. It's outright irresponsible. Not that all the victims were running out of date software.
The list of reasons is long but usually includes: underinvestment in security and/or IT, lack of management understanding of the risks, scarce security skillsets, business owners that push back on needed patching fearing downtime, users that click on anything and everything they receive, poor IT inventories that mean systems get missed even if patching is otherwise working, etc. Security is a people, process and technology issue that requires a coordinated effort, persistence, and good people. Few organizations have that yet.
No surprise that it takes a massive company forever to adapt, hence the reason we exist.
Ha, you have no idea. Not even surprised.
They were running Windows XP as the OS. Likely, patching and open ports were the problem. Funny how the hack was stopped by registering the single domain that the code was calling. These guys will be caught... that could have been avoided.
Not surprising at all. Big companies have a lot of legacy apps that they don't want to update. Hence this attack.
Isn't big company inability to be up to date the business model for the Accentures of this world?
SC1 - There wasn't a patch for XP until after the attack. And there will be a 2.0 version so it can't be sinkholed/killed so easily.
@pwc... what is causing leadership to fail to implement these changes?
It was a bit of a rhetorical question, but glad to see the responses.
I guess most firms are willing to accept that black swan risk since it's easy to put off investing in IT.
I think most organizations can't figure out how much they spend on IT or how they impact the business. Until IT leaders learn to speak the language of business they won't get anywhere asking for money.