Cybersecurity in the UK: Act now or WannaCry later

By Ashok Patel.

In May 2017, news outlets around the world reported a cyberattack the scale of which had never been seen before. The initial phase of the WannaCry cyberattack lasted a mere four days, but in that brief period it had a devastating impact on organisations around the world. More than 200,000 computers in over 100 countries were affected, with organisations as diverse as multinational conglomerate Hitachi in Japan, LATAM Airlines Group in Chile, and the police department in Andhra Pradesh, India all suffering some level of disruption.

In the UK, at least 34% of NHS trusts in England were disrupted by the attack, with an additional 603 NHS organisations affected, including 595 GP practices. Nearly 7,000 appointments were cancelled and ambulances were diverted from five accident & emergency departments as doctors and nurses across the country struggled to access medical records. And that was just the impact in England—there were further breaches in NHS trusts in Scotland, too.*

The scale of the attack was incredible, and the craziest part of the whole scenario was that the WannaCry exploit should have been relatively easy to prevent: Effective management of firewalls, installing the relevant security patches from Microsoft, or migrating from old, unsupported operating systems would likely have been enough to stave off infection.

But while WannaCry may have been relatively easy to fend off with some basic IT precautions, not all cyberattacks are so easily avoided—a fact borne out by the number of successful high-profile attacks against some very digitally sophisticated organisations over the last few years. Breaches at Yahoo!, Uber, Apple, and a host of other prominent companies have brought scrutiny not only from regulators but also from a general public that is increasingly concerned about the data companies hold and who has access to it.

As digital technologies become even more central to everything businesses and governments do, the problem only becomes more pressing, with more data and more systems becoming vulnerable to attack. 37% of UK consulting revenues are coming from digitisation projects, so surely it comes as little surprise that consultants are seeing a big increase in cybersecurity work at the same time. Indeed, cybersecurity accounted for nearly 10% of all consulting work last year compared to less than 5% two years ago, with one consultant telling us: “Cybersecurity will remain really hot—you only have to have another problem highlighted in the press and everyone becomes even more focused”.

And it is not just the volume of cybersecurity work that’s increasing but also its complexity. As digital solutions become more sophisticated, so do the systems needed to shore them up. While the world’s digitally-savvy ne’er-do-wells seem to have no trouble keeping up with the latest advances, few companies have the capabilities to match them on the defensive front. So, they’re turning to consultants.

But for consultants, becoming one of those trusted cybersecurity providers isn’t easy. There may be a lot of cybersecurity work available in the UK market—and a lot more to come over the next few years—but it’s not just there for the taking. Consultants who want a piece of this lucrative action are going to need a solid proposition, a strong portfolio of similar work performed for other clients, and ongoing investments to stay on top of the latest technologies and their vulnerabilities. As the cybersecurity market picks up pace, it’s only going to get harder to jump on the train, and firms that aren’t actively adding cybersecurity capabilities to their digital offerings now risk being left behind in the not-so-distant future.

*National Audit Office, Investigation: WannaCry cyber attack and the NHS, Oct. 27, 2017 (accessed Mar. 22, 2018). Available at: https://www.nao.org.uk/report/investigation-wannacry-cyber-attack-and-the-nhs/