Can we talk a little bit me we mentioned wannacry the ransomware


And kissing just make you a part of this conversation sorry about that is can we talk a little bit me we mentioned wannacry the ransomware can we talk a little bit about a wannacry legacy software and and how that became such an enormous issue how wannacry did yet yeah so i mean i think uh what wannacry prompted is sort of an ageold discussion and cybersecurity and we were talking about this a little earlier between compliance in risk management set sorry can i stop who gave her second could you give us like a two sentenced description of wannacry for anyone who isn't following that so wannacry was a breach that essentially happened because computers were not updated it was a microsoft operating system and what happened was in march of this year microsoft identified the vulnerability and issued a patch which is essentially a remedy for what had happened on the operating system and about six to eight weeks later that that when those people had not caps the systems it opened up a tremendous vulnerability that led to issues in the uk in the hospital system all over i think probably has the the statistics on it but the reach of that uh breach was significant in that type of vulnerability and what it did was it really called again into the limelight this challenge between compliance in risk management and so we often talk about cyber hygiene and that's becoming a freeze that is getting so over that it's sort of lost its meeting these very basic things that need to happen on operating systems in order to keep them up to date and what the challenges right now is when you are running and operating system as part of an enterprise if you are not updating and keeping your system current that is really just that's low hanging fruit in that is a serious failure on the part of the operating system and a part of the the uh technology engineer whoever is responsible for the administrator and so the fact that we saw so much of that getting exposed for those individuals who had purchased it in the free market not on the black market of they weren't bootlegged copies those have their own issues but the fact that we saw this comes into question again calls into question again this idea that we are missing basic level approaches to cybersecurity.

Coming up next