In a Tanium survey of 500 frontline IT security workers in the UK, around a third admitted there was panic immediately after the WannaCry attack, but many haven’t taken the action to protect themselves against such attacks in future.
Only 31% say that their organisation has invested in a new security solution since WannaCry, despite their boards claiming to have placed more importance on IT security since the attack.
Critical actions not being taken
According to findings UK firms responded immediately after the attack, reviewing existing security systems (62 per cent) and redefining the process for reacting to security incidents (38 per cent). However, immediate concern didn’t translate into long-term action.
Businesses are still struggling with basic systems management tasks, such as patching, which are essential in preventing future attacks. More than 66 per cent of respondents admitted that they haven’t improved their patch management process since the WannaCry attack.
For 14 per cent of respondents, the need to innovate quickly is causing them to compromise on their security practices. One in five say their cyber practices haven’t changed as other IT initiatives had to take priority.
Lack of budget held back a quarter of respondents from implementing cybersecurity technology and policies.
Almost half (42 per cent) of the frontline IT workers surveyed believe their senior leadership team fails to realise how exposed their companies are to cyber threats.
Over a quarter say their organisation prioritises client entertainment and employee welfare initiatives such as Christmas parties while 43 per cent say they struggle to get funding for urgent cybersecurity projects.
As a result, one in ten admit they are not confident that their organisation could immediately respond to or recover from another WannaCry-style attack.
Source: UK Small Business