In the wake of one of the largest ransomware attacks in recent memory, there has been a lot of discussion about what can be done, and about whether WannaCry should have been a threat at all, since anyone following best practices and performing updates on a regular basis would already have been protected.
The reality, though, is that line-of-business applications sometimes force our hands as a company and don’t allow us to upgrade when patches are released, and this is easily forgotten. We often take the approach of “it won’t happen to me” or “nobody would benefit from taking my data,” but the fact is that we have no idea what someone might do with our information. It may not be used right away, or even by the people who took it, as it could be sold to the highest bidder with no remorse.
Often, it’s actually the disruption that is more costly than the information lost or held captive, and hackers know that. If you do the math on what downtime costs your business, you may be startled when you attach a number to a day of downtime. Take the simple formula below and plug in your own numbers in place of the ones used here to see why GAM Tech performs updates monthly for our customers.
Annual revenue ($5,000,000) / number of employees (30) = average annual revenue per employee ($166,666.67)
Average annual revenue per employee ($166,666.67) / number of hours worked (2,000) = average revenue per employee, per hour ($83.33)
Total hours system is down (8) x percentage of employees affected (100%)
(Number of employees x average revenue per hour) x hours down x % employees affected
That equals $20,000 for every day you can’t work, or 0.4% of your annual revenue lost per day.
The following article illustrates the fact that you can put a plan in place, but if you are running old architecture, you are not prepared for or protected against the latest threats, because older systems have weaknesses that can be exploited. Microsoft stopped supporting Windows XP over three years ago, and if your plan doesn’t include phasing out that equipment, you simply aren’t prepared for the future and are open to ransomware and any number of other types of attacks.
While this may seem like an attempt to capitalize on a threat and sell more hardware, that isn’t the case at all. It is simply a reminder that holding on to a piece of equipment because it technically still works leaves you and your business at risk from things that we can’t even predict at this point. Ransomware will get worse before it gets better, and it’s important to stay up to date as part of an overall security strategy.
Published By: Adrian Ghira on May 19th, 2017